On Tue, 11 Jun 1996, Danny L. Shadix wrote:
> MS doesn't purport that Active-X is in any way secure. What they propose is that everyone will use certificates to verify that the Active-X component is actually the one written by the person it claims to have written it. Then you will "trust" that that person didn't write anything that is dangerous to you. So, you'd decide who you trust, then only accept code written by those persons. I can't see using in anywhere but on an Intranet, or maybe from a very few trusted hosts (maybe your corporate headquarters). I'm trying to figure out how this certificate server is supposed to work. I'd like to be able to block this stuff at the firewall and then only stuff that exists on the inside will ever be executed.
Exactly. My understanding of certificates per se, is that they would
most likely be something on the order of pgp signatures, if not pgp
signatures themselves. Again, netscape is supposed to be implemtneing,
or trying to implement this sort of authentication scheme as well...
Later,
Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
References:
|
|
