> In the article they repeat the recommendation that you never > use/register the same shared-secret in different domains ... for > every environment you are involved with ... you have to choose a > different shared-secret. One of the issues of biometrics as a > "shared-secret password" (as opposed to the interface between you > and your chipcard) is that you could very quickly run out of > different, unique body parts.
Compare and contrast, please, with the market's overwhelming desire for single-sign-on (SSO). Put differently, would the actual emergence of an actual SSO signal a market failure by the above analysis? --dan --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]