From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Fri, 26 Apr 1996 17:52:30 +0800
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: Mindshare and Java
In-Reply-To: <Pine.GUL.3.93.960425164813.27532L-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SOL.3.91.960425210631.23458A-100000@chivalry>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 25 Apr 1996, Rich Graves wrote:

> In my fantasy world, I'm not asking you to verify signatures every time
> you run something. Maybe you can tune how often you want stuff checked, so
> you have a tradeoff between security and performance.

In SolidOak, the verification is more or less free of charge, as it runs
the signature code in a separate low priority thread, which often gets to
complete during network induced latencies when fetching sub-classes, which
can be initiated on class download before the code is instantiated.It also
allows multiple classes to verified with just one PKOP, so the cpu cost 
is amortised over a lot of stuff

Simon

---
They say in  online country             So which side are you on boys
There is no middle way                  Which side are you on
You'll either be a Usenet man           Which side are you on boys
Or a thug for the CDA                   Which side are you on?
  National Union of Computer Operatives; Hackers, local 37   APL-CPIO