From: “James A. Donald” <jamesd@echeque.com>
To: cypherpunks@toad.com
Message Hash: e087204cbdf20246d5918eb12692d2cef4f332cd298e0e312ab12db9b39c8f41
Message ID: <199601200830.AAA07615@mailx.best.com>
Reply To: N/A
UTC Datetime: 1996-01-20 08:40:09 UTC
Raw Date: Sat, 20 Jan 1996 16:40:09 +0800
From: "James A. Donald" <jamesd@echeque.com>
Date: Sat, 20 Jan 1996 16:40:09 +0800
To: cypherpunks@toad.com
Subject: Re: authenticating intrahost crypto providers
Message-ID: <199601200830.AAA07615@mailx.best.com>
MIME-Version: 1.0
Content-Type: text/plain
At 11:37 AM 1/18/96 EST, James Leppek wrote:
>
> I have been doing some research on the development of an abstract
> security services API(not just a CAPI) and have hit a road block.
> The problem revolves around the need to authenticate a
> security service provider to an application.
No such need.
If the attacker can introduce his own module to supply crypto services
then he must have administrator (NT equivalent of root) privileges,
in which case your are stuffed regardless.
---------------------------------------------------------------------
|
We have the right to defend ourselves | http://www.jim.com/jamesd/
and our property, because of the kind |
of animals that we are. True law | James A. Donald
derives from this right, not from the |
arbitrary power of the state. | jamesd@echeque.com
Return to January 1996
Return to ““Patiwat Panurach (akira rising)” <pati@ipied.tu.ac.th>”