[E-Lang] Re: there is no security without a threat model (was: Re:
[p2p-hackers] Reputation System: "Dimensions of Trust")
Mark S. Miller
markm@caplet.com
Sun, 10 Jun 2001 18:33:08 -0700
In another forum, At 12:21 PM Thursday 6/7/01, zooko@zooko.com wrote:
>One thing that can be said for certain is that attempts to provide security of
>any kind desperately need to have the threat model made explicit. [...]
>Bram Cohen [...] saying that the hardest
>part of crypto engineering is deciding what threat model you are addressing.
So let's work on threat models for E, and for a few example apps built in E
(like EChat, either or both MintMakers, and the stock market challenge).
Where/how do we start?
Cheers,
--MarkM