It creates the potential for a significantly larger problem by giving the ultimate power to control the availability of systems and networks to CERTs! What would you say if you applied the same principle to confidentiality instead of availability? "To ensure appropriate access to confidential data we need to ensure CERTs are intimately involved in everyone's key management processes."
Let's be honest. This is terrifying. CERTs are commonly staffed by ankle-biter kids that are enamored with the recent discovery of puberty. You want to give them the kill switch to impact networks and systems they don't understand?! Bad idea.
It creates the potential for a significantly larger problem by giving the ultimate power to control the availability of systems and networks to CERTs! What would you say if you applied the same principle to confidentiality instead of availability? "To ensure appropriate access to confidential data we need to ensure CERTs are intimately involved in everyone's key management processes."
Let's be honest. This is terrifying. CERTs are commonly staffed by ankle-biter kids that are enamored with the recent discovery of puberty. You want to give them the kill switch to impact networks and systems they don't understand?! Bad idea.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/newsbriefs/950/2909#2909