At Mon, 08 Jan 2007 12:02:57 -0500, "Jonathan S. Shapiro" <[EMAIL PROTECTED]> wrote: > > I propose that we change the subject line on this discussion. > > Can somebody remind me how, in a system providing only translucent > storage allocation, one can safely manage the private portion of a > cryptographic key? > > I do remember that we discussed this. I do not remember what the > proposed resolution was.
It depends on what you mean. If the example is that the user has a key which he wants to hide from the applications, then he puts the key into its own application, and provides only access via service invocation, not process instantiation. The other way around, ie applications hiding the key from the user, is not possible of course. In general theapproach is to replace process instantiation with service invocation. Thanks, Marcus _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
