[5237] in cryptography@c2.net mail archive
Re: Security Lab To Certify Banking Applications
daemon@ATHENA.MIT.EDU (Rick Smith)
Tue Jul 27 11:19:36 1999
Date: Tue, 27 Jul 1999 09:47:18 -0500
To: Tom Weinstein <tomw@geocast.com>,
"William H. Geiger III" <whgiii@openpgp.net>
From: Rick Smith <rick_smith@securecomputing.com>
Cc: Robert Hettinga <rah@shipwright.com>, dcsb@ai.mit.edu, cryptography@c2.net,
Digital Bearer Settlement List <dbs@philodox.com>
In-Reply-To: <379CF1BA.F7DF51E8@geocast.com>
Regarding the general direction of these comments....
>"William H. Geiger III" wrote:
>> Well I have my doubts on this. Either they refuse to certify Microsoft &
>> Netscape software and alienate 90% of the consumer market, or they do
>> certify them making their certification worthless.
At 04:39 PM 7/26/99 -0700, Tom Weinstein wrote:
>While they certainly couldn't certify any browser that included Java or
>JavaScript, .....
Naturally I understand the logic behind these, but it's a bit like saying
"We won't sell anyone a car unless it's burglarproof." People use their
cars quite a bit even though they're expensive and risk of being stolen.
I basically gave up on Java-bashing when I encountered Java and/or
Javascript on DoD web sites dedicated to computer security awareness.
Clearly the battle had been lost :-Q
Rick.
smith@securecomputing.com
