[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
What do people use public suffix for?
1. Explicitly marking an administrative boundary is not inherently a
'security' function, although properly authorizing and protecting the
marking no doubt would be.
2. Defining a marking mechanism that is built into a security mechanism
that is designed for other purposes is overloading functionality, as
well as setting up a problematic critical dependency. That's not just
asking for trouble, it's guaranteeing it.
3. Since you made reference to assumptions a couple of times: the goal
here is an explicit marking mechanisms. No assumptions involved.
On 4/19/2013 7:58 PM, Jimmy Hess wrote:
> On 4/19/13, Dave Crocker <dhc2 at dcrocker.net> wrote:
>> On 4/19/2013 4:33 PM, Jimmy Hess wrote:
>> Absent a view that somehow says all metadata is a security function, I
>> don't see how the marking of administrative boundaries qualifies as a
>> security function.
> The security function comes in immediately, when you consider any
> actual uses for said kind of metadata.
> The issues are alleviated only by assuming that an administrative
> division always exists, unless you can show otherwise, and showing
> that the records are in the same zone is one way of showing otherwise.
> When you come to rely on it, there are new security issues.
> It becomes such that; It is perfectly safe to assume that there is
> an administrative division when there is not