On Tue, Dec 02, 2003 at 05:19:22PM -0800, Tom wrote: > I think the DD's should seriously think about requiring smartcards. It > would have prevented the proxmiate cause of our recent troubles.
No, we have to deal with a large population of untrusted individuals. Even if we can keep outsiders out of our systems (which sounds for me more and more unlikely) then we still have to face intruders from inside. You know the numbers tells you it will happen. Even if it is painful to decide: more priveledges to DDs on a need-to-have base. And: I am the last person who think it is fine to support a more powerful elite, but I dont see a way around it. You still can earn an account for a service, if you proof yourself worth. Thinking of web page translators, ftp-masters or whatever. If we are aware about that risk, and have established some midigation, we can start to address the other risks, which are harder to tackle. Smart Cards for example will require a huge investment. And sadly it is not one a sponsor can cover easyly. But using them will, for sure make the trust in a developers signature stronger. It will not allow us to trust the developer more. Greetings Bernd -- (OO) -- [EMAIL PROTECTED] -- ( .. ) [EMAIL PROTECTED],linux.de,debian.org} http://home.pages.de/~eckes/ o--o *plush* 2048/93600EFD [EMAIL PROTECTED] +497257930613 BE5-RIPE (O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!