Confirmation for cached passphrases useful?
Doug Barton
dougb at dougbarton.us
Mon Oct 18 03:09:48 CEST 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 10/17/2010 5:43 PM, Faramir wrote:
|
| That may be true. However, remember feeling secure is part of security
| too, so if that feature doesn't break anything, and make people sleep
| better...
Two problems with that theory. The first is that a false sense of
security does more harm than good. The second is that there is no such
thing as a zero-cost change to software. So any proposed change has to
have benefits that outweigh the costs. Of course accurately anticipating
those costs is a whole different category of problems. :)
Doug
- --
Breadth of IT experience, and | Nothin' ever doesn't change,
depth of knowledge in the DNS. | but nothin' changes much.
Yours for the right price. :) | -- OK Go
http://SupersetSolutions.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (MingW32)
iQEcBAEBCAAGBQJMu55cAAoJEFzGhvEaGryErNUH/iUNcxZJCLG93g7GuaKpZK5A
Ef68JxFHHrlVqlhCsFaAWbkCgYqmJp+z5PqxUbxE7zoJojXcVNnm0GaSfuhwKVp1
nyVOZwa60C0OH+9eCE29hYh3/Bn+IbzYnBvzg23cYBcfl0wi7JbJNdxlbvRpWsB2
CeTIOhUx9auF/Bya1qrC4HIga4zcdKRJp5qL59AdiQxBJhyUIDM3d8E+g2GPYWqO
WV8ZjuC8bOLPCoCHTz9957+HQqiHRtGF33cTvNokzO7SaK0UCCZ3UXkD0RKY69CS
WpvY08K/rKoI7bHPSa0oCQuX06mosdgFAwJtfAGxaQe7j5O9hn2/EGP+Mw9MgYE=
=S7zO
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list