[thelist] Digital Signature of Documents
Daniel Burke
dan.p.burke at gmail.com
Fri Mar 7 03:32:06 CST 2008
Ahh yes, excellent point. Cost vs Trust.
A very important concern for good Carlos.
If you're prepared to sign a new public key whenever a user loses
their key or forgets their passphrase, in the name of very strong
trust, then go with my idea.
However your in a business environment, so heed Kens words well.
I'm unaware of the crypto functions of Adobe/Word, so your users may
need to either download a tool, or at very least mess aroun with keys.
Or you could forgo crypto altogether and simply use a database to
store whether or not a particular user has signed off on a document.
It would certainly be the cheaper option, and no less secure than your
existing systems.
If you have access to your WFS's source code, implementing it would
make peoples lives a lot easier.
On Fri, Mar 7, 2008 at 7:04 PM, Ken Schaefer <Ken at adopenstatic.com> wrote:
> -----Original Message-----
> From: thelist-bounces at lists.evolt.org [mailto:thelist-bounces at lists.evolt.org] On Behalf Of Daniel Burke
>
> Subject: Re: [thelist] Digital Signature of Documents
>
>
> > I was under the impression that it was for the signing of documents.
> > So you think it is a good idea that the sysadmin is able to sign
> > things in your name?
>
> At some point, you have to trust your administrators.
>
> How far you trust them depends on how much is at risk from a security incident. Because the less you trust them, the most expensive it becomes to ensure that they can't subvert some system.
>
> In security, there are no absolutes. Saying that you can never trust a key pair generated by someone else is an absolute that simply doesn't apply in 100% of situations.
>
> Cheers
> Ken
> --
>
>
>
> * * Please support the community that supports you. * *
> http://evolt.org/help_support_evolt/
>
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !
>
--
http://www.users.on.net/~burito/
More information about the thelist
mailing list