Horst Herb wrote: > On Thu, 6 Apr 2006 10:20, Greg Twyford wrote: >>> 1) NSW Police is not HeSA and to equate the two as you do in your >>> message subject line is not sensible. They aren't even in the same tier >>> of government. >> Tim, >> >> I guess Horst's point is that if a public authority in such a >> security-sensitive an area as counter-terrorism can stuff-up like this, >> then how can one trust other, arguably much less sensitive, areas. >> >> Levels of government are irrelevant, in my view. Especially when, as he >> has been campaigning about for ages, HeSA has no really good reason for >> generating GPs certificates in the first place. > > Yes, that was the whole point.;l Sadly, Tim missed it.
No, I didn't miss it, as I took pains to explain at some length in my last post, if you care to read it. What I did miss is the logic I have come to expect from Horst, sadly absent in this instance. I will repeat: NSW Police revealing Internet mailing list passwords: stupid mistake. HeSA's policies on key generation (and just about everything else): stupid mistake. Are the two even vaguely related: nope. Horst, I don't care if you bag HeSA: they deserve it. I don't care if you bag NSW Police, or any other government organisation: they probably deserve it too. I do care however, if you of all people, suggest that a stuff-up by a Web server administrator in NSW Police is, to quote your words, "another good reason not to trust HeSA with our private keys". There are many good reasons not to trust HeSA (or anyone) with our private keys, but an embarrassing but not particularly consequential mistake by a junior IT person in the NSW Police Department is not one of them. Enough, OK? Tim C _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
