Re: [kDev] Simple Distributed Authentication and KendraBase

[Daniel Harris <daniel@xxxxxxxxxxxxx>]

Hi Kirit, Dave and All,

OK. What would really help here is a *security model*. What are the 
requirements/goals? We need to know these criteria so we can judge that 
what gets created solves our security problems. So, rather than saying 
let's just have lots of big security can you say what that actually 
means? What are the specifics.

Dave gave us a suggested implementation but I'd say models/concepts 
need to come before implementation ideas otherwise how do we know how 
to judge the implementation? What does the security need to do? Let's 
agree on a model first and then talk about implementation, yeh?

The wiki is a great place to start a security model description. So, 
please do feel free to use that resource. Things tend to get a bit lost 
on this list...

Cheers Daniel

On Monday, September 15, 2003, at 06:50  pm, Kirit Saelensminde wrote:
> You've professed wanting both and that means going for the greatest 
> security requirement not the lowest common denominator.