This is yet more reason why I propose that you authorize transactions
with public keys and not with the use of identity information. The
identity information is widely available and passes through too many
hands to be considered "secret" in any way, but a key on a token never
will pass through anyone's hands under ordinary circumstances.

It's 2005, PKI doesn't work, the horse is dead. The credit-card sized number dispensers under development are likely to be what comes next.

Amusingly, your face is an asymmetric authenticator -- easy to recognize, hard to spoof.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to