Congratulations on a great article!


Gerv: "So under what circumstances might you pay out?"

Old lockers are often covered with brightly colored crafts made by the children. Such is the case at Holbrock Elementary, where student-decorated trees form a forest amongst the lockers.

Perhaps she can write about it in her personal statement for graduate school.

goDaddy: "Well, not really, no."

Such assumptions of equality and absence of agreement fly in the face of any extant practice and experience. (It is quite hard to think of an analogue of such blind faith in the real world.) When any security decision is made, the brand of the salient parties is always present, and its presence is a key part of the user decision. If the brand isn't present, it raises the question of whether the brand, and thus the identity of the signer, was important or not.

Interesting article. Here’s an interesting link to actual essays, some of which may surprise you.

Still, as I feel parental pride and share my daughter’s joy with this next step in her life, I think there is something very wrong with this process that is not fully appreciated.

Gerv: "Have you ever paid out under the warranty program?"

Emily Nussbaum is the television critic for The New Yorker.

In many commerce spaces, PKI does not mirror actual commerce patterns, so cannot help. That is, if you take any existing commerce pattern, and model it (for example, by drawing out a graph of the interrelationships), it looks completely different to the PKI model.

Voydock and Kent's influential 1983 paper on secure protocols:

The "" as described by Eric Rescorla is one of the wire being unsafe and the end-nodes being safe. Grigg sees this as the reverse of the reality of the Internet, with minuscule or non-existent reports of threats and losses on the wire, and massive threats and losses on both end-nodes (e.g., phishing, trojans, insider attacks and compromised servers a la Choicepoint).

SP4, a classified standard from the NSA.

In fact, it is relatively rare to find any pattern of commerce that maps easily to the PKI model. This practically means that there is little chance of it being used, as to switch from one pattern to another is an expensive exercise, and is only done over time, and for great savings in costs or increases in benefits.

NCSC Red Book, Part II's per-layer-threat analysis.

Key validation - done properly - is too inefficient to work. Don Davis views the complexity of validation as a "compliance defect," whereby the rules for managing one's own keys and validating others' keys are so complex that they are unlikely to be met sufficiently. This criticism was borne out in the infamous Microsoft Internet Explorer bug where the full certificate chain was not being validated.

Peter Gutmann goes on to outline how it can't be changed:

Some observers have commented on the apparent nexus with military needs, and the similarity with military models of control. Yet even there the comparison is only superficial; although the military works to a theoretical hierarchical control model, in actuality modern armies strive to push decision making as far down as possible. Specifically, there are many use cases where commands are overridden at a local level, something that could not be emulated in PKI.

“I have to mop the floor every 15 minutes,” he explains.

One of the tiniest school districts in the state with 78 total students, Sodus Township District #5 hasn’t so much changed with time as it has gotten swept along in a current that it has often fervently resisted.