| Subject | Re: [IB-Architect] Fw: Mischievous SYSDBA |
|---|---|
| Author | Jan Mikkelsen |
| Post date | 2000-05-26T22:37Z |
Charlie Caro <ccaro@...> wrote:
Unless I've missed something fundamental, the executables are just files at
the end user's site, and the whole point of the exercise has been defeated.
What you have proposed is just security through obscurity.
Cryptography does not automatically provide security.
Jan Mikkelsen
>Keeping these digital certificates in a database or file at the end user'ssite
>would defeat the whole purpose of the exercise. It needs to be embedded inthe
>binary executables. Ownership and usage of databases is still under SQLcontrol.
>Ownership and usage of software executables controlled by digitalcertificates.
Unless I've missed something fundamental, the executables are just files at
the end user's site, and the whole point of the exercise has been defeated.
What you have proposed is just security through obscurity.
Cryptography does not automatically provide security.
Jan Mikkelsen