I have a client like this (maybe several, actually) ... after lots of long discussions, i learned just to listen carefully to make sure i understand what's underneath the jargon, and tell her i'll look into it. In a day or two or three, depending on their concern, i just send her an email or call her and announce that "It's fixed" or "Problem solved". It works really well. And it can be done in an honest way.
But i do listen carefully to make sure i understand the concern, no matter how strange it seems. Once in awhile, that's improved what i'm doing ... and then i still let her know i fixed it, once i have done it. I just have had to get used to speaking with this particular client around a bit of a "reality warp". -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Cameron Childress Sent: Thursday, January 13, 2005 12:28 AM To: [email protected] Subject: Re: [CFCDev] implicit invocation security concerns On Wed, 12 Jan 2005 09:15:20 -0600, Joe Ferraro <[EMAIL PROTECTED]> wrote: > My client asks that I prove "true containership" in mach-ii. Any > Suggestions? If I were to make a couple of totally wild assumptions about your client, they would be this: 1) Your client has no clue and is making stuff up as he goes along. He's use to being in an environment where no-one knows any better and therefore is very self confident in his totally made up, but presented as fact, statements. 2) Due to his lack of ability to recognise his own congured up words and definitions, he has accepted some ill-conceived and totally incorrect definition of "Implicit Invocation". It's your job to dig to the true nature of his consern, sans imaginary buzzwords. 3) If I were from the planet Neptune and someone said the words Implicit Invocation, I might think that it meant that certain programs could be invoked implicitly by some accidental action. For example, he may have convinced himself that it means receiving and email with the words "woogie boogie" could imply to your program that it should decrypt all encrypted data and send it to your entire address book (or some such thing). Given this context, I would think he is simply looking to be convinced that the program is self contained and cannot be influenced by unexpected inputs or accidentally "invoked" to do something it shouldn't do. --- As a side note, when speaking to clients, it's often good to just say "it's all voodoo magic and you don't need to know more than that", or perhaps "we develop applictions using tried and true well accepted standards tested and proven over time by a large community of uses". -Cameron ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [EMAIL PROTECTED] with the words 'unsubscribe cfcdev' in the message of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by Mindtool, Corporation (www.mindtool.com). An archive of the CFCDev list is available at www.mail-archive.com/[email protected] ---------------------------------------------------------- You are subscribed to cfcdev. To unsubscribe, send an email to [EMAIL PROTECTED] with the words 'unsubscribe cfcdev' in the message of the email. CFCDev is run by CFCZone (www.cfczone.org) and supported by Mindtool, Corporation (www.mindtool.com). An archive of the CFCDev list is available at www.mail-archive.com/[email protected]
