> At Wed, 2002-02-20 12:32:06 -0800 John W Baxter wrote: >> At 2002-02-20 13:16 -0500, Paul-Catalin Oros wrote: >> Implicitly approved people. I just tested this and it works fine.
> Implicitly approved people (addresses) can be forged. Easily. > Over on the developer list, I recently suggested using digitally > signed messages as the implicit approval mechanism. Now, we're > pretty much talking people rather than addresses (throw out the > key if one gets compromised). > The responses were all about various ways to implicitly approve > addresses. No response that I recall seeing discussed digital > signatures I'd like to have something like what digital signatures promise to be. OTOH, I'd much rather have something more like what Digicash promised to be, i.e. credentials AND anonymity. The trouble is that now, the certification scams put the worst scum in the world at the top of the "trust" tree, and the encryption is much much too weak. People rely on it too much as it is compared to its real reliability. I used to work with a guy who had developed a couple proprietary operating systems. They used an 8 character username & 8 char pass-word, primarily because that's about as much random cruft that people can remember, especially if they have a dozen of them. Once you get over 9, you've violated "the magic number 7 plus or minus 2". Anyway, he knew this, so he used to use very easily guessed pass-words, figuring that it didn't matter, no practical thing he could do would really be secure, anyway, so the heck with it. If you solve that one, you'll be set for life. "Experiments by psychologists such as those of [George] Miller [1956 March "The Magical #7, + or - 2" _The Psychological Review_ vol 63 #12 pg 86], suggest that the maximum number of chunks of information that an individual can simultaneously comprehend is on the order of 7, plus or minus 2." --- Grady Booch 1991 _Object-Oriented Design with Applications_ pg 14 John G. Otto, Eagle Scout, Knight, Cybernetic Praxeologist Existence, Consciousness, Identity, Life, Liberty, Property, Privacy, Justice <http://gosc.nisus.com/~giovanni> <http://www.nisus.com> ------------------------------------------------------ Mailman-Users maillist - [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-users
