>Return-Path: <[EMAIL PROTECTED]>
>Delivered-To: [EMAIL PROTECTED]
>To: [EMAIL PROTECTED]
>From: [EMAIL PROTECTED]
>Subject: BOUNCE [EMAIL PROTECTED]: Non-member submission from [Dave Crocker
><[EMAIL PROTECTED]>]
>Date: Sat, 17 Jul 1999 19:49:13 -0400 (EDT)
>
>>From [EMAIL PROTECTED] Sat Jul 17 19:49:10 1999
>Return-Path: <[EMAIL PROTECTED]>
>Delivered-To: [EMAIL PROTECTED]
>Received: from postman.bayarea.net (postman.bayarea.net [205.219.84.13])
> by ns1.vrx.net (Postfix) with ESMTP id 1967CF02C
> for <[EMAIL PROTECTED]>; Sat, 17 Jul 1999 19:49:10 -0400 (EDT)
>Received: from shell2.bayarea.net (shell2.bayarea.net [205.219.84.7])
> by postman.bayarea.net (8.9.3/8.9.3) with ESMTP id QAA06315;
> Sat, 17 Jul 1999 16:42:57 -0700 (PDT)
>Received: from dave-vaio (free.88.106.bayarea.net [205.219.88.106])
> by shell2.bayarea.net (8.8.8/8.8.5) with ESMTP id QAA15865;
> Sat, 17 Jul 1999 16:43:23 -0700 (PDT)
>Message-Id: <[EMAIL PROTECTED]>
>X-Sender: [EMAIL PROTECTED]
>X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.56 (Beta)
>Date: Sat, 17 Jul 1999 16:28:55 -0700
>To: Andy Gardner <[EMAIL PROTECTED]>
>From: Dave Crocker <[EMAIL PROTECTED]>
>Subject: Re: [IDNO-DISCUSS] Re: [IFWP] Why fail on purpose
>Cc: [EMAIL PROTECTED], [EMAIL PROTECTED],
> [EMAIL PROTECTED]
>In-Reply-To: <v03102802b3b6759a12eb@[202.27.208.23]>
>References: <[EMAIL PROTECTED]>
> <[EMAIL PROTECTED]>
> <[EMAIL PROTECTED]>
>Mime-Version: 1.0
>Content-Type: text/plain; charset="us-ascii"; format=flowed
>
>At 11:07 AM 7/17/99 , Andy Gardner wrote:
>>ICANN - that's the supposed "open" organisation that is blocking the
>>recognition of IDNO?
>
>Refusal to accept IDNO is hardly proof of being closed.
>
>As Kent noted, there are some operational aspects to IDNO which should
>cause any reasonable evaluator to question its legitimacy as a
>representative body for the constituency it claims.
>
>> >Password protection is amazingly naive.
>>
>>You haven't done your homework. Memebers are assigned a password by the
>>system, not the other way around. You can set up as many e-mail address as
>>you want, but you'd only have one that was issued a password.
>
>Your statement means that "email address" is not the "identifier" for
>distinguishing between people. What is? What prevents one person from
>having/using multiple such ID's?
>
>The reality is almost certain to prove to be that a serious security audit
>to the desig the design to be massively laced with holes and poor assumptions.
>
>1. Getting this sort of system design right is really a remarkably
>difficult technical task, particularly for large scale use. Even if you
>can fully prove the legitimacy of your 21-person system, it will be quite
>another task to prove it for 21,000-person use, never mind the fact that
>anything like this on the real Internet had better be design to work for
>21,000,000, at least.
>
>2. Ultimately this sort of voting needs to stand up under scrutiny of
>legal review and I believe there is, as of yet, no case law to support it.
>
>>Stick to your day job.
>
>It happens that Kent's day job IS network security and he's quite good at
>it. I have to work with experts in security and most of them are only good
>at highly focused issues, rather than at looking at system-wide
>concerns. Kent happens to be good at systems issues. Care to reconsider
>you overly-quick dismissal of the issues he raised?
>
>d/
>
>=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>Dave Crocker Tel: +1 408 246 8253
>Brandenburg Consulting Fax: +1 408 273 6464
>675 Spruce Drive <http://www.brandenburg.com>
>Sunnyvale, CA 94086 USA <mailto:[EMAIL PROTECTED]>
>
>
--
Richard Sexton | [EMAIL PROTECTED] | http://dns.vrx.net/tech/rootzone
http://killifish.vrx.net http://www.mbz.org http://lists.aquaria.net
Bannockburn, Ontario, Canada, 70 & 72 280SE, 83 300SD +1 (613) 473-1719
