[2829] in WWW Security List Archive
Re: Applet security (was Re: ActiveX security hole reported).
daemon@ATHENA.MIT.EDU (Steve Lodin)
Wed Aug 28 13:27:40 1996
From: "Steve Lodin" <swlodin@eng.delcoelect.com>
Date: Wed, 28 Aug 1996 10:26:46 -0500
In-Reply-To: Mary Ellen Zurko <zurko@osf.org>
"Re: Applet security (was Re: ActiveX security hole reported)." (Aug 28, 8:52am)
To: Mary Ellen Zurko <zurko@osf.org>, Michael Burati <burati@apollo.hp.com>
Cc: "David M. Chess" <CHESS@watson.ibm.com>, www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
On Aug 28, 8:52am, Mary Ellen Zurko wrote:
>
> Lots of people are talking about it. At the W3C, they're proposing a
> Digital Signature project, with one part being work on the signature
> technology, and one part being work on the policy. They're floating
> extending PICS for policy, but I don't see that a language designed for
> linear rating scales is a particularly good starting point. They've
> also mentioned SDSI, which looks like it has more promise.
>
More information on SDSI is available at:
http://theory.lcs.mit.edu/~rivest/sdsi.ps
The concept is interesting. The implementation is fairly clean (if you can
accept LISP/Scheme syntax and all its baggage). It has support from MS, which
depending on your point of view might be a good thing.
I have no affiliation with this other than listening to Ron give the keynote at
the USENIX Security Symposium and reading the paper.
Steve
--
Steve Lodin - Delco Electronics - swlodin@delcoelect.com - (317)451-0479
It's unAmerican and the Government has us by the short and curlies.
-- Marcus Ranum about commercial key escrow
