[sldev] More about viewer auth in today's RC

[Phoenix]

On 2007-12-04, at 16:23, Tateru Nino wrote:
> Jason Giglio wrote:
>> Tess Chu wrote:
>>> part of the system that is necessarily shrouded in the most secrecy
>>> (since we are trying to keep the bad guys out).  Though we fully  
>>> expect
>>
>> If a security system relies on secret algorithms to be effective,  
>> it's
>> worthless.
> I'd have to go with Jason here. It _does_ sound like you're preaching
> security-through-obscurity. Please, please, please, please correct  
> us if
> we misinterpreted what you meant.
>
> I'd also love to hear that the bit being kept secret isn't "This is a
> part of the streambase integration" - I mean, that's all over the  
> news,
> but hasn't been mentioned here.
>

The quote is pretty unfair. To add some context:

On 12/4/07, Tess Chu <tess at lindenlab.com> wrote:
 > (since we are trying to keep the bad guys out).  Though we fully  
expect
 > Second Life to become more open over time, there will always need  
to be
 > secrets.  We are, after all, not planning on publishing the root
 > password for our systems any time soon.

I admit it freely -- if we give out a password, the system can be  
compromised. We are not employing any kind of homespun security system.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 186 bytes
Desc: This is a digitally signed message part
Url : http://lists.secondlife.com/pipermail/sldev/attachments/20071204/293a0db8/PGP.pgp