Subject: Re: Microsoft: Closed source is more secure
From: Russell Nelson <nelson@crynwr.com>
Date: Sun, 6 May 2001 01:31:53 -0400 (EDT)

Stephen J. Turnbull writes:
 > That said, I agree that the restrictions are political; I think the
 > motivation is basically as stated -- he does not want to open himself
 > up to _any_ security-related criticisms.  Call it egotism if you like;
 > it's his software (assuming you don't go down rms's `no such thing as
 > IP' road) and he is welcome to put what restrictions on it he likes.

He could get the same results by using a certification process,
something I've tried but failed to convince him of.

 > But there is also the argument that DJB has created what is, as far as
 > possible, a provably secure mail system, on a limited security domain.
 > He's backed it up with his bet.  That's a non-negligible contribution
 > to a more capable system.

Particularly given the state of the art in 1996 when Dan wrote qmail.

 > (Eg, somebody could invent a secure protocol for doing auth and
 > starttls then handing them off to qmail, then implement it.)

Yup.

 > I see no reason why he should degrade his trade name (not to mention
 > one crucial to Russ Nelson's business) by opening it up to "addition
 > of features required" for _some_ applications.  Others (Russ!) may
 > prefer the minimal "maximum security" implementation.

It's not just security.  It's the fact that qmail is a tool that I use 
to create an email system.  The fact that it's not highly adapted to
any one environment makes it easy for me to adapt it to the
environment I need it to be in.  Simplicity and flexibility count.

-- 
-russ nelson will be speaking at http://www.osdn.com/conferences/handhelds/
Crynwr sells support for free software  | PGPok | Mailing lists should not set
521 Pleasant Valley Rd. | +1 315 268 1925 voice | Reply-To: back to the list!
Potsdam, NY 13676-3213  | +1 315 268 9201 FAX  | http://russnelson.com/rt.html