Those are all (b).
On Jan 26, 2012, at 6:03 PM, Phillip Hallam-Baker wrote: > It is nonsense. > > Let us consider a Tier 6 security regime applied to management of a CA: > > Separation of duties - increases the number of trusted parties > No sequential access - increases the number of trusted parties > No lone zone - increases the number of trusted parties. > > Those are all NSA/GCHQ doctrines. I am pretty sure that they > understand security engineering at some level. > > > People need to stop talking about links in chains. If you have a > serious security architecture it does not look like a chain, it does > not have a single point failure mode. > > > > On Thu, Jan 26, 2012 at 5:55 PM, Richard L. Barnes <[email protected]> wrote: >>>>> As security engineers, our role is to (a) reduce the number of >>>>> entities we trust; (b) reduce the extent to which we trust the >>>>> remaining trusted entities; and (c) determine the trustworthiness of >>>>> trusted entities. >>>> >>>> Really? >>> >>> Yep. >> >> +1 >> >> One of the better definitions I've heard. I would question whether (c) is >> even in scope; seems like a relying party function. > > > > -- > Website: http://hallambaker.com/ _______________________________________________ therightkey mailing list [email protected] https://www.ietf.org/mailman/listinfo/therightkey
