Authentication at toad.com: WTF?
Eric Hughes
eric at remailer.net
Fri Dec 2 07:22:31 PST 1994
From: wcs at anchor.ho.att.com (bill.stewart at pleasantonca.ncr.com +1-510-484-6204)
Trusting someone else's verification
is less than ideal security policy :-)
But likewise, preventing folks from letting someone else (their legal
agent) perform verification for them is a less than ideal political
policy.
There are going to be lots of good reasons (mostly of cost) to use
agency relationship for security. It would be profitable to
characterize the threats and come up with some solutions rather than
to deny that these things will happen.
Eric
More information about the cypherpunks-legacy
mailing list