another aspect that overlaps PKIs and quality is the difference between
"application" code and "service" code .... turning an application into a
service can be hard .... possibly writing 4-10 times as much code as in the
base application infrastructure .... and very high-quality code ....
dealing with potentially very complex failure modes. Related thread
("buffer overflow") has been running in the sci.crypt newsgroups. ....
partial reference:
http://www.garlic.com/~lynn/2001n.html#93 Buffer overflow
http://www.garlic.com/~lynn/2001n.html#91 Buffer overflow
http://www.garlic.com/~lynn/2001n.html#90 Buffer overflowalso an older thread regarding "assurance" in application and digital signature authentication http://www.garlic.com/~lynn/aadsm5.htm#asrn1 Assurance, e-commerce, and some x9.59 http://www.garlic.com/~lynn/aadsm5.htm#asrn2 Assurance, e-commerce, and some x9.59 http://www.garlic.com/~lynn/aadsm5.htm#asrn3 Assurance, e-commerce, and some x9.59 http://www.garlic.com/~lynn/aadsm5.htm#asrn4 assurance, x9.59, etc [EMAIL PROTECTED] at 12?29/2001 3:22 pm wrote: Now, an interesting thing might be regarding rapid uptake of general security. One could contend that majority of the market believes that good, strong security should be an attribute of the basic infrastructure ... somewhat like the issue of automobile quality in the '70s, not going to pay any more for it ... but would migrate to a manufactor that had significantly better quality. You then have the 1) vendors that don't see quality as worth while since they won't be able to charge more 2) new vendors that would like to sell "quality" as a stand-alone attribute ... not actually having to manufactor automobiles .... but somehow convince customers that they can sell quality independent of any product, and 3) vendors that feel that they can eventually gain market share by providing better quality. Substitute "security" and/or "PKI" in place of "quality". Part of the issue is that security (and strong authentication) should be an attribute of the basic infrastructure ... not something that exists by itself in a vacuum. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
