attempt to address this area; rather than simple i agree/disagree buttons ... they put little checkmarks at places in scrolled form you have to at least scroll thru the document and click on one or more checkmarks before doing the i agree button. a digital signature has somewhat
There doesn't appear to be a discussion forum related to the Web post, so I'll reply here. We've gone through a similar thought process at my company. We have a commercial security product (MatrixSSL), but provide an open source version for many of the good points Daniel makes. There are a few
http://www.cnn.com/2004/LAW/07/21/cyber.theft/index.html CNN Identity theft case could be largest so far Wednesday, July 21, 2004 Posted: 10:49 PM EDT (0249 GMT) WASHINGTON (CNN) -- A Florida man was indicted Wednesday in an alleged scheme to steal vast amounts of personal information, and
brief comments/suggestions: 1. The whole discussion on how much eavesdropping is a threat is irrelevant. We all know it is a threat and the level is not important, as SSL/TLS provide a good, inexpensive solution. Drop this topic. 2. Stop beating the dead horse (SET). But yes, we should learn
Barney Wolff wrote: Pardon a naive question, but shouldn't the signing algorithm allow the signer to add two nonces before and after the thing to be signed, and make the nonces part of the signature? That would eliminate the risk of ever signing something exactly chosen by an attacker, or at
At 01:39 PM 7/21/2004, Ed Gerck wrote: The PKI model is not tied to any legal jurisdiction and is not a business process. What is meant then by relying-party (RP) and RP Reliance in X.509 and PKIX? I hope the text below, from a work in progress submitted as an IETF ID, helps clarify this issue.
R. A. Hettinga wrote: http://www.cnn.com/2004/LAW/07/21/cyber.theft/index.html Identity theft case could be largest so far From other reports, the indictment alleges that Levine gained access ... by misusing a legitimate password and user name while working for a company doing business with