[sldev] Re: [META] Formal critique of new auth mechanism?

Dale Glass dale at daleglass.net
Sat Sep 29 12:55:12 PDT 2007


On Saturday 29 September 2007 20:40:02 Matthew Dowd wrote:
> I've made a start of this at
>
> https://wiki.secondlife.com/wiki/Viewer_Authentication_Critique
>
> I've divided this into three sections which I think reflect the three
> objectives of the new system: Security, Flexibility and Persistence and
> within each put subsections of Pros, Cons and Alternatives.
>
> I've started fleshing this out from the discussion so far.

Looks good :-)

BTW, by attaching a list of names I meant not attaching it to the whole 
page, but to specific criticisms. Example:

Viewer still involves running trusted code on the computer and could 
initiate other attacks e.g. (Endorsed by Dale Glass, Nicholaz Beresford 
and Gigs Taggart)

And so on for each entry, as I imagine somebody will disagree with one part 
or another, and checking what the page looked like at the time it was 
signed is very burdensome.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.secondlife.com/pipermail/sldev/attachments/20070929/a4e3c884/attachment.pgp


More information about the SLDev mailing list