www.usable.com has launched a new password management service intended to make it easy to login to participating web sites. However, I don't see any details of the protocols or algorithms. In particular, I don't see any mention of whether or not the system even attempts to prevent people with access to the servers at usable.com from having the ability to impersonate users of the service.
--apb (Alan Barrett) --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
