On Mon, 8 Sep 2003, Sean Smith wrote:

>How can you verify that a remote computer is the "real thing, doing
>the right thing?"

You cannot.

>In contrast, this code is part of our ongoing effort to use open
>source and TCPA to turn ordinary computers into "virtual" secure
>coprocessors---more powerful but less secure than their high-assurance
>cousins.

The correct security approach is to never give a remote machine
any data that you don't want an untrusted machine to have. Anything
short of that *will* be cracked.

                                Bear

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to