Re: Ancient history

In article <d8kb7v$1pcj$1@agate.berkeley.edu>,
David Wagner <daw-usenet@taverner.cs.berkeley.edu> wrote:
>
>P.S. As for your other comments on DoS, I've lost the thread, but
>to answer the last question you had: no, I don't have an example off
>the top of my head of a high-security system where no component need
>resist DoS. I still think it is a bad idea to conflate different
>security goals, rather than trying to seek a one-size-fits-all security
>goal, because quite often the level of availability needed is different
>from the level of integrity needed (for instance).

Where they are generally different, I agree. My point is that they
aren't, both because the same breach can be a DoS in one context and
an integrity issue in another, and because it is usual for one sort
of breach to be a component of another.

Yes, separating the requirements is generally good, but the same does
not apply to separating the exploits.

Regards,
Nick Maclaren.
Received on Thu Sep 29 21:43:35 2005