Outline for October 20, 2005

Reading: D. Libes, "Choosing a Name for Your Computer" ftp://ftp.rfc-editor.org/in-notes/fyi/fyi5.txt (Aug. 1990).

1. Email
   1. How it works
   2. Security issues
   3. How secure is email?
2. Privacy-Enhanced Mail
   1. Goals
   2. How confidentiality works
   3. How integrity and authenticity work
   4. Combining the two
   5. Armoring
   6. Sending the message
   7. PEM and PGP (GPG)
3. Identity
   1. Principles and identities
   2. Files and objects
   3. Users, groups, roles
   4. Computers: names, addresses, and the DNS
   5. On the web: cookies and such
   6. Anonymity

Puzzle of the Day

Microsoft spent February, 2002, teaching its programmers how to check their code for security vulnerabilities and how to spot common security flaws. Yet many Microsoft programs have security vulnerabilities. What problems do you think Microsoft encountered, and will encounter, in trying to find and clean up the vulnerabilities in its systems?