Newsgroups: comp.protocols.kerberos
Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!think.com!linus!agate!stanford.edu!ADS.COM!henry
From: henry@ADS.COM (Henry Mensch)
Subject: Software Security
Message-ID: <9104121732.AA23453@ads.com>
Sender: news@shelby.stanford.edu (USENET News System)
Reply-To: henry@ads.com
Organization: Internet-USENET Gateway at Stanford University
Date: 12 Apr 91 17:32:53 GMT
Lines: 15

   Date: Thu, 11 Apr 91 16:40:49 -0600
   From: gta@beta.lanl.gov (Gail Anderson)

   We are investigating how to go about moving our network authentication
   to Kerberos.  As part of this, we must find means of assuring our
   security people that software we get from the network does not include
   intentional security holes.

this statement seems to imply that your security people "trusts"
software that you've purchased ...  i dare not say anything more, lest
we all fall off our chairs in riotous laughter ...

-- henry
--------