<<< Date Index >>>     <<< Thread Index >>>

[IP] more on A Model for when Disclosure Helps Security: What Is Different About Computer and Network Security?





Begin forwarded message:

From: David Byrden <David@xxxxxxxxxx>
Date: September 9, 2004 4:22:14 AM EDT
To: dave@xxxxxxxxxx
Subject: Re: [IP] A Model for when Disclosure Helps Security: What Is Different About Computer and Network Security?


Dave:

The article referred by Monty Solomon states that
"disclosure cannot both help and hurt security".

But the implicit assumption that 'disclosure' would cover
every last detail, is an unhelpful oversimplification.

Proponents of disclosure do not recommend disclosing
*everything* - as an obvious example, they do not want to
disclose the secrets which the security system is meant
to protect. As a more pertinent example, it is often recommended
to disclose the algorithm of an encryption system, but *not*
the keys that are used for a particular session.

                                                David

-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/