On 1/19/2014 4:48 PM, Christian Huitema wrote:
It would be interesting to list the specific patterns that are most
likely to trigger the “bad because of PM” comments, and to develop
secure alternatives. From what I see, there seems to be two big
offenders, logs and configuration. So maybe we should develop a simple
way to anonymize logs, and a secure way to get configuration data…
What an excellent point. It highlights something we probably should
pursue explicitly and aggressively:
1. Working on learning how to analyze PM concerns in specifications
2. Learning how to formulate PM defenses in designs
3. Diligently documenting what we learn
That is, we need to treat this topic as something we are all still
developing an understanding of -- both the problem and its mitigation --
and therefore need to collaborate on.
Methinks these are two wikis we need...
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net