From: Simon Spero <ses@tipper.oit.unc.edu>
To: Lyal Collins <lyalc@ozemail.com.au>
Message Hash: 71964208cd29277c053bd5b7b2087f763237619e820ece89c6da36032199230c
Message ID: <Pine.SUN.3.91.960516141623.9358D-100000@tipper.oit.unc.edu>
Reply To: <319B436D.507E@ozemail.com.au>
UTC Datetime: 1996-05-18 01:47:01 UTC
Raw Date: Sat, 18 May 1996 09:47:01 +0800
From: Simon Spero <ses@tipper.oit.unc.edu>
Date: Sat, 18 May 1996 09:47:01 +0800
To: Lyal Collins <lyalc@ozemail.com.au>
Subject: Re: Java & signed applets
In-Reply-To: <319B436D.507E@ozemail.com.au>
Message-ID: <Pine.SUN.3.91.960516141623.9358D-100000@tipper.oit.unc.edu>
MIME-Version: 1.0
Content-Type: text/plain
On Thu, 16 May 1996, Lyal Collins wrote:
> Signing anything is somewaht a waste of time, unless the verification
> siftware is highly trusted, and there is good intergity/authenticity
> control of the root public key(s).
The verification software is simple enough to be quite highly trusted,
and if the privilege model is stupid enough, it too can be quickly
verified. The trickiest part of the process is making sure that you
don't sign any code you're not prepared to vouch for...
Simon
Return to May 1996
Return to “Simon Spero <ses@tipper.oit.unc.edu>”