[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [kDev] Simple Distributed Authentication and KendraBase

Hi Kirit, Dave and All,

OK. What would really help here is a *security model*. What are the requirements/goals? We need to know these criteria so we can judge that what gets created solves our security problems. So, rather than saying let's just have lots of big security can you say what that actually means? What are the specifics.

Dave gave us a suggested implementation but I'd say models/concepts need to come before implementation ideas otherwise how do we know how to judge the implementation? What does the security need to do? Let's agree on a model first and then talk about implementation, yeh?

The wiki is a great place to start a security model description. So, please do feel free to use that resource. Things tend to get a bit lost on this list...

Cheers Daniel

On Monday, September 15, 2003, at 06:50  pm, Kirit Saelensminde wrote:
You've professed wanting both and that means going for the greatest security requirement not the lowest common denominator.