river-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sim IJskes - QCG <...@qcg.nl>
Subject Re: Towards Internet Jini Services (dos attacks) Smart Proxy Isolation
Date Sun, 03 Oct 2010 13:00:45 GMT
On 10/03/2010 11:00 AM, Peter Firmstone wrote:
> I've got some thoughts about how to isolate a smart proxy, please tell
> me yours:

Are you sure you want to go the technical way, almost adding a function, 
missing from the VM and runtime libraries, just because you want to 
download anything you want, and execute it immediately?

Isn't the general advice we give to people, think before you download, 
and can't we extend this to jini?

I see many similarities to having a jini code clearinghouse and mobile 
application appstores. I just don't want to limit peoples choices to 1 
single appstore, and don't want to expose them to the naive keystore 
model used for https, where 1 faulty certificate authority can 
deteriorate the whole system.

Gr. Sim

View raw message