Note that the Windows solution to use Ctrl+Alt+Del as a Secure Attention Key is just one way to implement Trusted Path. There is no reason that the GNOME or UNIX community couldn't come up with a different and novel way to meet the same requirements. The Secure Attention Key should be viewed as just an example of how Trusted Path requirements can be solved and the solution as used by Windows (along with Kerberos). Debating about whether we should use the same sort of solution, or a different solution makes for good discussion, but I don't think it makes sense to suggest that just because this particular solution has usability issues means that Trusted Path requirements are somehow invalid or inappropriate for UNIX environments. Even though some might suggest that security is "good enough" on Linux without meeting these requirements, it still is a good idea to consider how to make GNOME and UNIX more secure. Whatever solution might be decided upon will likely require enough infrastructure enhancements that we will have time to be thoughtful about the best way to provide the feature. Brian
But I'm no security expert; I might be missing something.I believe the goal is to use some uncatchable keyboard sequence a'la Windows' secure auth (Ctrl+Alt+Del).This works on Windows (on a domain) because the goal in those situations is to have perfect and total single sign on. This has been watered down in more recent (less coherent) Windows releases, but the goal was always to prompt the user once and never prompt them again for any application because the system uses kerberos. In our mix of applications and protocols passwords abound, and it's less likely that a Ctrl-Alt-Del style solution would be sufficiently usable. Cheers, Stef Walter