[sldev] Re: [META] Formal critique of new auth mechanism?
Dale Glass
dale at daleglass.net
Sat Sep 29 12:55:12 PDT 2007
On Saturday 29 September 2007 20:40:02 Matthew Dowd wrote:
> I've made a start of this at
>
> https://wiki.secondlife.com/wiki/Viewer_Authentication_Critique
>
> I've divided this into three sections which I think reflect the three
> objectives of the new system: Security, Flexibility and Persistence and
> within each put subsections of Pros, Cons and Alternatives.
>
> I've started fleshing this out from the discussion so far.
Looks good :-)
BTW, by attaching a list of names I meant not attaching it to the whole
page, but to specific criticisms. Example:
Viewer still involves running trusted code on the computer and could
initiate other attacks e.g. (Endorsed by Dale Glass, Nicholaz Beresford
and Gigs Taggart)
And so on for each entry, as I imagine somebody will disagree with one part
or another, and checking what the page looked like at the time it was
signed is very burdensome.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.secondlife.com/pipermail/sldev/attachments/20070929/a4e3c884/attachment.pgp
More information about the SLDev
mailing list