encryption with python

Ron Adam rrr at ronadam.com
Sun Sep 11 00:02:04 CEST 2005


Kirk Job Sluder wrote:

> The only way to keep confidential stuff secure is to shred it, burn it,
> and grind the ashes.  
> 
> I think the fundamental problem is that that most customers don't want
> actual security.  They want to be able to get their information by
> calling a phone number and saying a few words/phrases they memorized in
> childhood.  Given the current market, it seems to be cheaper to deal
> with breaks after the fact than to expect more from customers.

Security = Privacy in this context, and most customers do want privacy.

But also in this case, you are referring to two party security 
situations, where the data is shared between a service provider and a 
service consumer.

I would think that any n digit random number not already in the data 
base would work for an id along with a randomly generated password that 
the student can change if they want.  The service provider has full 
access to the data with their own set of id's and passwords, so in the 
case of a lost id, they can just look it up using the customers name 
and/or ssn, or whatever they decide is appropriate. In the case of a 
lost password, they can reset it and get another randomly generated 
password.

Or am I missing something?

Cheers,
Ron




More information about the Python-list mailing list