geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Blevins <david.blev...@visi.com>
Subject Re: Security stuff
Date Tue, 11 May 2004 12:05:46 GMT
On Tue, May 11, 2004 at 12:40:01PM +0100, Max Kington wrote:
> -----Original Message-----
> From: David Blevins [mailto:david.blevins@visi.com]
> Sent: 11 May 2004 12:37
> To: geronimo-dev@incubator.apache.org
> Subject: Re: Security stuff
> 
> > > >You missunderstood.  The tidbit I just mentioned is an additional step
> for distrobution security, like PGP signing of tar.gz and zip files on the
> Apache > > >download sites, not a replacement for runtime security.  I was
> just concurring and adding that we are not 'one-key-opens-all-doors' kind of
> thinkers.
> 
> > > >Security should be a layered onion, not an achilles heal.
> 
> Yes, but at the same time it should be easy to use and configure, added
> complexity leads to mistakes
> when people have to configure around your protocols, the onion shouldn't
> make you cry :-)
> 

Parfait! Security is like parfait ... everybody likes a good parfait.

Sorry, was just remembering the onion part of the movie Shreck :)

-David

Mime
View raw message