|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: executable content
Marcus J. Ranum (mjr
nfr.net)
Tue, 23 Sep 1997 23:28:53 +0000
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Marcus J. Ranum: "Re: HTTP in practice"
- Previous message: Marcus J. Ranum: "artificial ignorance: how-to guide"
> The majority of customers I have encountered are concerned
> with performance above all else and scanning for the embedded
> script languages introduce noticable latency for an HTTP proxy.
Yup. ActiveX applets are supposed to (eventually) be
signed w/public keys. That'll be interesting, also, from
a performance standpoint. Certificate verification isn't
too bad, computationally, but in a full-blown certificate
environment* a check might require fetching certificates
and revocation lists, etc., ad nauseam.
I believe we have a problem here. The network is
growing very fast and the quantity and variety of
services is increasing even faster. I am not convinced
that any of the solutions I've seen (firewalls, signatures,
etc) have sufficient scaling properties that they're going
to be anything but short-term measures.
mjr. (*such as will most likely never come to exist)
-----
Marcus J. Ranum, CEO, Network Flight Recorder, Inc.
<A HREF=http://www.clark.net/pub/mjr>Personal</A>
<A HREF=http://www.nfr.net>Work</A>
<A HREF=http://www.clark.net/pub/mjr/websec>New Book!!</A>
- Next message: Marcus J. Ranum: "Re: HTTP in practice"
- Previous message: Marcus J. Ranum: "artificial ignorance: how-to guide"
This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:08:58 CDT