From: Mabry, F. DR EECS (Frank.Mabry@usma.edu)
Date: Tue Mar 24 2009 - 12:50:33 CST
Mr. Overington,
I have very serious concerns for any system that would provide support for a portable interpretable object code as part of the codepoint content payload of a message or document. Many email clients already over interpret incoming MIME messages and, thereby, open gaps in the security model of a system. In many respects your proposal is somewhat like the concept behind some aspects of the Java implementation, only you have no "sandbox" area!
The nature of net based computing makes many want to be able to make "sharing" of new functions as easy as possible. Without an "information model" whose design addresses security concerns, you run the risk of very serious exploits being perpetrated against users before they can even say NO!
Perhaps I am misunderstanding your suggestion. Please let me know if I am missing the point in your view.
Frank
Dr. Frank J. Mabry, Jr., CISSP
Associate Professor
IT AIAD Coordinator
Dept. of EE&CS
U.S. Military Academy
West Point, New York, 10996
Work Phone: 845-938-2960
Work email: frank.mabry@usma.edu
Home email: fmabry@hvc.rr.com
This archive was generated by hypermail 2.1.5 : Tue Mar 24 2009 - 12:52:31 CST