river-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Niclas Hedhman <nic...@hedhman.org>
Subject Re: Learnings from a RevokeableDynamicPolicy & A Future Roadmap
Date Mon, 16 Aug 2010 11:38:55 GMT
On Sat, Aug 7, 2010 at 2:10 PM, Peter Firmstone <jini@zeus.net.au> wrote:
> Please help identify any fallacies or oversights in the following arguments.

I am not a security expert by any means, but in principle I know;

 * Security is hard. The more complex, the more likely it is to be flawed.
 * I suspect that any scheme is impossible to prove to be guaranteed
secure. Only "know to be" secured until proven wrong, in some cases
too late.

So the general advice is; Keep it simple, or it won't work, just make
it much harder for the developers.

Niclas Hedhman, Software Developer
http://www.qi4j.org - New Energy for Java

I  live here; http://tinyurl.com/2qq9er
I  work here; http://tinyurl.com/2ymelc
I relax here; http://tinyurl.com/2cgsug

View raw message