From: Jeff Bone (jbone@jump.net)
Date: Sat Sep 30 2000 - 08:46:34 PDT
> So, Tony, consider this a flame: What the hell bits do you have to
> back up your touchy-feely, heeby-jeeby unsubstantiated,
> soon-to-die-in-bit-to-bit-mortal-kombat assertion below?
>
Yow! GO ROHIT! :-)
> ...it kills me I can't deploy the Right Answer (TM).
Hear ya.
> But they are *not* within shippable reach. People understand locks
> and keys and file cabinets and blacklists. Credentialling,
> delegation, and webs of trust are out of the commercial question.
>
Isn't that always the story, even aside from the particular security issue
you're mentioning? It's enough to make one cynical.
> I'm a little sick of folks dissing the theoretical impossibility of the Web.
>
Yup, me too.
>
> Or are you implying another tack, that no one could write a
> reasonably-secure HTTP microserver capable of withstanding serious
> security auditing? I hear no less than Jef Poskanzer has one that
> runs off of inetd in 150 lines of C.
It's a beautiful piece of work, too! (NB: we tried to hire Jef for Activerse,
couldn't get him excited about Austin. :-/ )
jb
This archive was generated by hypermail 2b29 : Sat Sep 30 2000 - 09:06:11 PDT