fyi: bear/enforcer open-source TCPA project
bear
bear at sonic.net
Mon Sep 8 19:54:32 EDT 2003
On Mon, 8 Sep 2003, Sean Smith wrote:
>How can you verify that a remote computer is the "real thing, doing
>the right thing?"
You cannot.
>In contrast, this code is part of our ongoing effort to use open
>source and TCPA to turn ordinary computers into "virtual" secure
>coprocessors---more powerful but less secure than their high-assurance
>cousins.
The correct security approach is to never give a remote machine
any data that you don't want an untrusted machine to have. Anything
short of that *will* be cracked.
Bear
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list