On Tue, 23 Dec 2003, Seth David Schoen wrote:
>When attestation is used, it likely will be passed in a service like
>HTTP, but in a documented way (for example, using a protocol based on
>XML-RPC). There isn't really any security benefit obtained by hiding
>the content of the attestation _from the party providing it_!
It's not the parties who are interested in security alone we're worried
about. There is an advantage in profiling and market research, so I
expect anyone able to effectively subvert the protocols to attempt
to hide the content of remote attestataion.
Bear
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
