There is no perfect security. All "security" is a measure of 'cost to circumvent', and those costs are evaluated over many axes, with different evaluation functions in different places. Delegations are bound to a serial number, so they do not affect security unless you decide to employ them for a particular laptop. There may be contexts in which the school server cannot be trusted; don't delegate to that school server, then. But in some places, you can trade off greater required school server security for the ability to issue shorter leases, and there are "cost functions" for which this results in improved "security".
As Martin says, theft-deterrence will always be an ongoing cat and mouse game. This is just the next step, which allows us to explore corners of the tradeoff space we couldn't previously. --scott -- ( http://cscott.net/ ) _______________________________________________ Security mailing list [email protected] http://lists.laptop.org/listinfo/security
