On Tue, 23 Dec 2003, Seth David Schoen wrote:
>When attestation is used, it likely will be passed in a service like >HTTP, but in a documented way (for example, using a protocol based on >XML-RPC). There isn't really any security benefit obtained by hiding >the content of the attestation _from the party providing it_! It's not the parties who are interested in security alone we're worried about. There is an advantage in profiling and market research, so I expect anyone able to effectively subvert the protocols to attempt to hide the content of remote attestataion. Bear --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]