On 2013-03-06 4:41 AM, StealthMonger wrote:
2. Prospective customer verification of merchant: Merchant includes the ID of its signing key in every advertisement and repeatedly admonishes prospects to "Accept No Substitutes".
The key, and the hash of the key, is a long string of random gibberish. It should not be visible to end users. Experience demonstrates that showing it repels 99% of end users.
We have to do all the things you describe, without the end user ever seeing the key or the hash of the key.
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
