On 10/6/2015 8:01 PM, Dr. Anthony Gabrielson wrote:
PGP is not a monolithic data store although it can interface with one. DoD encryption boxes are not monolithic. It all depends on the model and how trust is defined and established.
/etc/passwd is. So is every web service authentication system that I've ever seen in production.
What are your requirements and why?
Reliable, verifiable authentication that scales globally without any party having more than one set of credentials in their possession. Because the only way to guarantee that 19,000 company (or 37 million Ashley Madison) passwords/hashes/ciphers/whatever can't be stolen in a massive breach is not to have 19,000 company (or 37 million Ashley Madison) passwords/hashes/ciphers/whatever in one place.
-- Rich P. _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
