On Sun, Apr 01, 2007 at 06:05:37PM -0400, mark at mark.mielke.cc wrote:
> The underlying point here, is that it is *not possible* to 100%
> guarantee that the client is legitimate unless you can control the
> software and hardware on the client.
> Sorry if this point isn't of concern to you, or if I confused the
> issue in any way. :-)

I understood your points in your original response and this followup
response.  You and I disagree on the intended use of RES-RSA within the
scope of the Netrek binary verification system and the intended scope of
the system itself.  It makes any subsequent contentions moot.  In any
event, we do agree that the system is clearly weak and can easily be