Op 13 sep. 2013, om 21:23 heeft Perry E. Metzger <pe...@piermont.com> het 
volgende geschreven:

> On Fri, 13 Sep 2013 08:08:38 +0200 Eugen Leitl <eu...@leitl.org>
> wrote:
>> Why e.g. SWIFT is not running on one time pads is beyond me.
> I strongly suspect that delivering them securely to the vast number
> of endpoints involved and then securing the endpoints as well would
> The problem these days is not that something like AES is not good
> enough for our purposes. The problem is that we too often build a

While most documents on Swift its move from something very akin to OTP (called 
BKE) seem no longer to be on the internet; the documents:


should give you a good introduction; and outline quite clearly what 
organisational issues they where (and to this day stil are) in essence trying 
to solve. 

I found them quite good readings - with a lot of (often) implicit governance 
requirements which have wider applicability.  And in all fairness - quite a 
good example of an 'open' PKi in that specific setting if you postulate you 
trust SWIFT only so-so as a fair/honest broker of information - yet want to 
keep it out of the actual money path. A separation of roles/duties which some 
of the internet PKI's severly lack.

The cryptography mailing list

Reply via email to