Anders Rundgren wrote: > Absolutely! However, there is no infrastructure in place for that.
the issue with x9.59 http://www.garlic.com/~lynn/index.html#x959 and aads http://www.garlic.com/~lynn/index.html#aads is that there is absolutely no changes to existing infrastructures, business processes and/or message flows ... they all stay the same ... there is just a straight-forward upgrade of the authentication technology (while not modifying existing infrastructures, business process, and/or message flows). aggresive cost optimization for a digital signature only hardware token would result in negligiible difference between the fully-loaded roll-out costs for the current contactless, RFID program and the fully-loaded costs for nearly identical operation for a contactless, digital signature program. the advantage over some of the earlier pki-oriented payment rollouts http://www.garlic.com/~lynn/2005l.html#23 is that in addition to addressing evesdropping vulnerability for data-in-flight (already addressed by the simpler SSL-based solution) ... it also provides countermeasures for impersonation vulnerabilities as well as numerous kinds of data breach and identity theft vulnerabilities. http://www.garlic.com/~lynn/2005l.html#22 _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
