1996-05-18 - Re: Java & signed applets

Header Data

From: Simon Spero <ses@tipper.oit.unc.edu>
To: Lyal Collins <lyalc@ozemail.com.au>
Message Hash: 71964208cd29277c053bd5b7b2087f763237619e820ece89c6da36032199230c
Message ID: <Pine.SUN.3.91.960516141623.9358D-100000@tipper.oit.unc.edu>
Reply To: <319B436D.507E@ozemail.com.au>
UTC Datetime: 1996-05-18 01:47:01 UTC
Raw Date: Sat, 18 May 1996 09:47:01 +0800

Raw message

From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sat, 18 May 1996 09:47:01 +0800
To: Lyal Collins <lyalc@ozemail.com.au>
Subject: Re: Java & signed applets
In-Reply-To: <319B436D.507E@ozemail.com.au>
Message-ID: <Pine.SUN.3.91.960516141623.9358D-100000@tipper.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 16 May 1996, Lyal Collins wrote:

> Signing anything is somewaht a waste of time, unless the verification
> siftware is highly trusted, and there is good intergity/authenticity
> control of the root public key(s).

The verification software is simple enough to be quite highly trusted, 
and if the privilege model is stupid enough, it too can be quickly 
verified. The trickiest part of the process is  making sure that you 
don't sign any code you're not prepared to vouch for...

Simon






Thread