jo...@iecc.com (John Levine) on Wednesday, November 18, 2009 wrote:
>>Such a device does however need to be able to suppor multiple mutually
>>distrusting verifiers, thus the destination public key is managed by
>>the untrusted PC + browser, only the device signing key is inside
>>the trust bounda
I guess I need a slight correction... I missed a 'not'.
On Nov 12, 2009, at 10:32 PM, james hughes wrote:
>
> On Nov 11, 2009, at 10:03 AM, Sandy Harris wrote:
>
>> On 11/8/09, Zooko Wilcox-O'Hearn wrote:
>>
>>> Therefore I've been thinking about how to make Tahoe-LAFS robust against
>>> the
>> In this case, heck, no. The whole point of this thing is that it is
>> NOT remotely programmable to keep malware out.
>
>Which is perhaps why it is not a good idea to embed an SSL engine in such
>a device.
Agreed. A display and signing engine would be quite adequate.
>Such a device does howe