Re: Buffer overflow or overrun?

[tcleary2 () csc com au]

My .02 AUD.

authentification should be a real word, since in practice many people feel
that the two processes should be completely linked (identification and
authentication, that is )

In practice, the idea of a digital signature provides both functions but
purely to satisfy the assumption that most people make e.g. that the person
and the data they supply are "genuine".

Concepts like the "web of trust" are a different way of satisfying the same
need, namely that people and the things they send/do are indivisible from a
trust perspective.

As another dodgy analogy try this:

Client: I'm Jeffrey Dahmer.
Server: Here's your knife, Mr. Dahmer.

Or is this too OO?  ;-)

Regards,

tom.

__________________________________________________
Security Consultant/Analyst
CSC
Ph: +61 8 9429 6478    Email: tcleary2 () csc com au
----------------------------------------------------------------------------------------

This email, including any attachments, is intended only for use by the
addressee(s) and may contain confidential and/or personal information and
may also be the subject of legal privilege. Any personal information
contained in this email is not to be used or disclosed for any purpose
other than the purpose for which you have received it. If you are not the
intended recipient, you must not disclose or use the information contained
in it. In this case, please let me know by return email, delete the message
permanently from your system and destroy any copies.
----------------------------------------------------------------------------------------