[E-Lang] not a statement of consensus on ERiaSR versus liveref

[Bill Frantz]

At 4:39 PM -0700 4/26/01, Marc Stiegler wrote:
>-- Neither ERiaSR nor the simple liveref rule protects from the more serious
>Hartley time-value-of-messages attack.

Since Ralph's attack depends on traffic analysis, making the application
protocol resistant to traffic analysis seems like a fruitful area to
consider.  If every offer has to have a response (by the program, not the
human, the default is "reject") within a certain period of time, then
Mallory's problem becomes much harder.

Cheers - Bill


-------------------------------------------------------------------------
Bill Frantz       | Microsoft Outlook, the     | Periwinkle -- Consulting
(408)356-8506     | hacker's path to your      | 16345 Englewood Ave.
frantz@netcom.com | hard disk.                 | Los Gatos, CA 95032, USA