[E-Lang] Thoughts on Persistence in E.
Bill Frantz
frantz@pwpconsult.com
Fri, 21 Sep 2001 11:21:26 -0700
At 3:02 AM -0700 9/21/01, steve jenson wrote:
>Quoting Mark S. Miller (markm@caplet.com):
>> Brand, Sealer, Unsealer, SealedBox
>
>I suppose this is another email for another time but looking through the
>java source for these confuses me. They don't seem to do much. At least,
>they don't seem "strong". Are these ever going to be cryptographically
>secure? Maybe I'm misjudging their use.
Let me take a stab at this one.
The current E security assumptions include the assertion that the local
machine is secure. As such, there is no cryptography used for local
storage. One could use an encrypted file system to protect data when the
machine is not in use (for example, a laptop). Since these functions run
only on the local machine, they can be trusted by the owner/operator of
that machine.
Cheers - Bill
-------------------------------------------------------------------------
Bill Frantz | The principal effect of| Periwinkle -- Consulting
(408)356-8506 | DMCA/SDMI is to prevent| 16345 Englewood Ave.
frantz@pwpconsult.com | fair use. | Los Gatos, CA 95032, USA