corollary to "security proportional to risk" is "parameterized risk management" 
... where variety of technologies with varying integrity levels can co-exist within the same 
infrastructure/framework. transactions exceeding particularly technology risk/integrity threshold 
may still be approved given various compensating processes are invoked (allows for multi-decade 
infrastructure operation w/o traumatic dislocation moving from technology to technology as well as 
multi-technology co-existence).

in the past I had brought this up to the people defining V3 extensions ... 
early in their process ... and they offered to let me do the work defining a V3 
integrity level field. My response was why bother with stale, static 
information when real valued operations would use much more capable dynamic, 
realtime, online process.

virtualization experience starting Jan1968, online at home since Mar1970

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to

Reply via email to