Op 13 sep. 2013, om 21:23 heeft Perry E. Metzger <[email protected]> het volgende geschreven:
> On Fri, 13 Sep 2013 08:08:38 +0200 Eugen Leitl <[email protected]> > wrote: >> Why e.g. SWIFT is not running on one time pads is beyond me. > > I strongly suspect that delivering them securely to the vast number > of endpoints involved and then securing the endpoints as well would .. > The problem these days is not that something like AES is not good > enough for our purposes. The problem is that we too often build a While most documents on Swift its move from something very akin to OTP (called BKE) seem no longer to be on the internet; the documents: http://web.archive.org/web/20070218160712/http://www.swift.com/index.cfm?item_id=57203 and http://web.archive.org/web/20070928013437/http://www.swift.com/index.cfm?item_id=61595 should give you a good introduction; and outline quite clearly what organisational issues they where (and to this day stil are) in essence trying to solve. I found them quite good readings - with a lot of (often) implicit governance requirements which have wider applicability. And in all fairness - quite a good example of an 'open' PKi in that specific setting if you postulate you trust SWIFT only so-so as a fair/honest broker of information - yet want to keep it out of the actual money path. A separation of roles/duties which some of the internet PKI's severly lack. Dw. _______________________________________________ The cryptography mailing list [email protected] http://www.metzdowd.com/mailman/listinfo/cryptography
