[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: LYNX-DEV more about wells fargo, schwab
From: |
Mark H. Wood |
Subject: |
Re: LYNX-DEV more about wells fargo, schwab |
Date: |
Fri, 13 Mar 1998 08:38:45 -0500 (EST) |
On Thu, 12 Mar 1998, Scott McGee wrote:
> "Brian Tillman" <address@hidden> asks:
> >
> > Moreover, Netscape has made Navigator's source availalble
> >for all (http://www.mozilla.org/). How, pray tell, does Wells
> >Fargo have any assurance Navigator is any safer than Lynx?
>
> First, last I looked, the code was not yet availible. Second,
> according to the docs I read (at www.mozilla.org), the SSL will
> not be included in the released code, so you can't build an SSL
> capable Netscape from just thier code.
One can't build an SSL-capably Lynx from "just their code" either.
> I assume that Netscape will take the latest approved version of
> the publicly availble code, add SSL and other removed items, and
> build the Netscape Binary from it. That binary will be as secure
> as it is now and likely be backed by the same assurances from
> Netscape. What you build from your copy of their code is something
> else entirely.
How does the server know whether you are using precompiled Netscape
binaries, or something you built which *says* it is precompiled Netscape
binaries? I can see it now: a workstation containing Netscape for my
bank, another Netscape for my stockbroker, etc. etc. ad nauseam, each
individually tailored for my account and digitally signed by the firm so
that copying protocol exchanges won't work. This way madness lies.
This is one of the areas in which the best solutions are not
technological but legal/contractual. The fact of the matter is that you
cannot control the entire transaction path from brain to brain -- there
are too many options, and good reasons for having them. Better to
explain the concerns to your customers, and carefully lay out what
liabilities you will accept under carefully specified conditions, than to
try to keep customers fat, dumb, and happy with plausible measures that
don't actually work. (How one gets a court to agree with such limits on
liability is way beyond the scope of my expertise, I'll admit.)
All of this has very little to do with Lynx, so I guess I'd better shut
up now.
--
Mark H. Wood, Lead System Programmer address@hidden
One more time: a (level-2) switch is a bridge. A "level-3 switch" is
a router. Deal with it.
Re: LYNX-DEV more about wells fargo, schwab, Nelson Henry Eric, 1998/03/12
Re: LYNX-DEV more about wells fargo, schwab, Brian Tillman, 1998/03/12
Re: LYNX-DEV more about wells fargo, schwab, Personal, 1998/03/12
- Re: LYNX-DEV more about wells fargo, schwab,
Mark H. Wood <=
Re: LYNX-DEV more about wells fargo, schwab, Brian Tillman, 1998/03/12
Re: LYNX-DEV more about wells fargo, schwab, Nelson Henry Eric, 1998/03/12
Re: LYNX-DEV more about wells fargo, schwab, Personal, 1998/03/12