At 12:48 PM 11/2/99 , shapj@us.ibm.com wrote:
>This transformation is not described in your security page in the
>description of Droplets capabilities. If I was directed to and therefore
>read a page with incomplete information, my apologies, but there are 30
>things on my plate today and I don't have time to browse your website.
>While this is undoubtedly a failing on my part, you might wish to consider
>that other people you wish to influence will have the same problem.
I was proposing Pluribus's transformation simply to provide needed specificity. Rather than examine in detail what transformation Pluribus provides, and whether it provides a security benefit, it's probably more productive all around for you to describe more clearly the transformation you are proposing, and (especially!) what additional security properties it is supposed to provide.
I know you are busy, we all are. But this issue is central and crucial to understanding what kind of cryptographic capability system we should all be building and using. And thanks much (!!) for the time you have already put into this matter.
>You may have an unrealized security if you indeed have an authenticated
>transforming interconversion. Whether you *believe* that it enhances
>security is another discussion.
>
>Whether you have such transformations is not germaine to whether such
>transformations enhance security.
Agreed, let us avoid discussing whether I believe X. Let us instead discuss whether X is true. How is such a transformation supposed to enhance security. And it would be great if you could explain what you mean by partitioning.
Btw, congratulations on the slashdot announcement!!! I think GPL is probably a very good choice for EROS. Feel free to send an announcement to the e-lang list.
Cheers,
--MarkM