William Arbaugh wrote:
>David Wagner writes:
>> As for remote attestation, it's true that it does not directly let a remote
>> party control your computer. I never claimed that. Rather, it enables
>> remote parties to exert control over your computer in a way that is
>> not possible without remote attestation. The mechanism is different,
>> but the end result is similar.
>
>If that is the case, then strong authentication provides the same
>degree of control over your computer. With remote attestation, the
>distant end determines if they wish to communicate with you based on
>the fingerprint of your configuration. With strong authentication, the
>distant end determines if they wish to communicate with you based on
>your identity.

I must confess I'm puzzled why you consider strong authentication the same as remote attestation for the purposes of this analysis.

It seems to me that your note already identifies one key difference: remote attestation allows the remote computer to determine if they wish to speak with my machine based on the software running on my machine, while strong authentication does not allow this.

As a result, remote attestation enables some applications that strong authentication does not. For instance, remote attestation enables DRM, software lock-in, and so on; strong authentication does not. If you believe that DRM, software lock-in, and similar effects are undesirable, then the differences between remote attestation and strong authentication are probably going to be important to you.

So it seems to me that the difference between authenticating software configurations vs. authenticating identity is substantial; it affects the potential impact of the technology. Do you agree? Did I miss something? Did I mis-interpret your remarks?

P.S. As a second-order effect, there seems to be an additional difference between remote attestation ("authentication of configurations") and strong authentication ("authentication of identity"). Remote attestation provides the ability for "negative attestation" of a configuration: for instance, imagine a server which verifies not only that I do have RealAudio software installed, but also that I do not have any Microsoft Audio software installed. In contrast, strong authentication does not allow "negative attestation" of identity: nothing prevents me from sharing my crypto keys with my best friend, for instance.
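
The distinction drawn in the P.S., as an added example that is not part of the original message: a simplified verifier that replays a measurement log against a quoted hash-chain register and applies both a required and a forbidden list, next to a plain key-possession check. The HMAC standing in for the hardware's quote signature, the component names, the key and the nonce are all constructed assumptions.

```python
import hashlib, hmac

def measure(component: str) -> bytes:
    return hashlib.sha256(component.encode()).digest()  # stand-in for hashing a binary

def replay(log):
    # PCR-style hash chain: each loaded component is folded into one register.
    pcr = bytes(32)
    for digest in log:
        pcr = hashlib.sha256(pcr + digest).digest()
    return pcr

def quote(device_key, log, nonce):
    # HMAC stands in for the hardware's signature over (register, nonce).
    pcr = replay(log)
    return pcr, hmac.new(device_key, pcr + nonce, hashlib.sha256).digest()

def verify_attestation(device_key, log, nonce, quoted, required, forbidden):
    pcr, sig = quoted
    good = hmac.new(device_key, pcr + nonce, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, good):
        return "reject: bad quote"
    if replay(log) != pcr:
        return "reject: log does not match quoted register"
    loaded = set(log)
    if not required <= loaded:
        return "reject: required software missing"
    if loaded & forbidden:
        return "reject: forbidden software present"
    return "accept"

def verify_identity(user_key, nonce, tag):
    # Strong authentication: proves possession of a key, nothing else.
    good = hmac.new(user_key, nonce, hashlib.sha256).digest()
    return hmac.compare_digest(tag, good)

# Constructed sample data.
KEY, NONCE = b"constructed-device-key", b"constructed-nonce"
REAL, MS = measure("realaudio"), measure("ms-audio")
BOOT = [measure("bootloader"), measure("os"), REAL]

def demo():
    policy = dict(required={REAL}, forbidden={MS})
    clean = verify_attestation(KEY, BOOT, NONCE, quote(KEY, BOOT, NONCE), **policy)
    both = BOOT + [MS]
    honest = verify_attestation(KEY, both, NONCE, quote(KEY, both, NONCE), **policy)
    hidden = verify_attestation(KEY, BOOT, NONCE, quote(KEY, both, NONCE), **policy)  # log omits MS
    shared = verify_identity(KEY, NONCE, hmac.new(KEY, NONCE, hashlib.sha256).digest())  # any key holder
    return clean, honest, hidden, shared
```

Because the register commits to every entry in order, a log with an entry left out no longer replays to the quoted value, which is what makes absence checkable; the identity check returns the same result for anyone holding a copy of the key.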