On 8 Jun 2003 at 14:47, tom st denis wrote:
> I disagree.  That attack is more akin to a "Hi, I'm calling 
> from {insert bank here} and we need your CC info to update 
> your file."
> That doesn't mean credit cards [nor your bank] are flawed.

Actually credit cards, and your bank, are flawed, as any porn 
site operator will tell you.

> The attack is based on you giving out the secrets, and alas, 
> no crypto can really stop that

If people routinely conduct business by sharing secrets, they 
will tend to share secrets with the wrong people.   The 
solution, envisaged a long time ago, but not implemented 
successfully, is not to use shared secrets. 

         James A. Donald

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to