search

katzenpost / docs

specification and design documents
Creative Commons Attribution Share Alike 4.0 International
53 stars 14 forks source link

remove "trust" from specification documents #45

Open david415 opened 5 years ago

david415 commented 5 years ago 
user@computer:~/code/docs$ grep -r trust
specs/sphinx.rst:      ``additional_data`` element as trusted until after the completion
specs/end_to_end.rst:   reusing the existing trust relationship any given user may have
user@computer:~/code/docs$
claucece commented 5 years ago

Why should it be removed?

david415 commented 5 years ago

The word trust in computer security discussions is inappropriate. Here's my reasoning:

Proposition 1: If A trusts B and B is compromised then A is also compromised. Proposition 2: If A depends on B for confidentiality and B is compromised then A losses confidentiality.

In Proposition 1 the trust relationship means that B is totally compromised whereas in Proposition 2 B only looses confidentiality. Therefore it is best to replace sentences containing the word trust with phrases "depends on" to express the precise dependency relationship.