On Thu, 1 Jun 2006, Florian Weimer wrote:
> > That is an all purpose argument that is deployed
> > selectively against some measures and not others.
>
> If you've deployed two-factor authentication (like German banks did in
> the late 80s/early 90s), the relevant attacks do involve compromised
> customer PCs. 8-( Just because you can't solve it with your technology
> doesn't mean you can pretend the attacks don't happen.

You're both right.  The problem is that we are talking about
solutions but haven't yet agreed on a threat model to discuss.


-- ?!ng

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to