Anna Rikova wrote:
maybe this is a silly question, but at the moment I
don't know how to solve it. Assume there are 4 partys
A,B,C,D. Now the parties B,C,D want to create a random
value r for A, so that each party B,C,D can verify
afterwards, that A uses indeed the random value r, but
doesn't
Only problem is that cell phones have become so utterly complex (hosting
several processors and a plethora of software components) that it will never
become the trusted device that we once thought it could be...
Personal it is though
Jaap-Henk
On Sat, 09 Jul 2005 18:56:22 -0700 James A.
Actually, Dutch banks already give users the option to recieve one-time
pass-codes by SMS to authenticate internet banking transactions (instead of
sending a list of those codes on paper by ordinary mail in advance). So it's
less unrealistic than you think.
Jaap-Henk
On Sat, 09 Jul 2005
--- begin forwarded text
Delivered-To: [EMAIL PROTECTED]
Date: Sun, 17 Jul 2005 21:14:39 -0400
To: Philodox Clips List [EMAIL PROTECTED]
From: R.A. Hettinga [EMAIL PROTECTED]
Subject: [Clips] Bellovin, et al., in WSJ: Where the Dangers Are
Reply-To: [EMAIL PROTECTED]
Sender: [EMAIL
ref:
http://www.garlic.com/~lynn/aadsm20.htm#10 the limits of crypto and
authentication
http://www.garlic.com/~lynn/aadsm20.htm#15 the limits of crypto and
authentication
http://www.garlic.com/~lynn/aadsm20.htm#17 the limits of crypto and
authentication
one of the issues raised in the x9.59
--- begin forwarded text
Delivered-To: [EMAIL PROTECTED]
Date: Sun, 17 Jul 2005 22:44:19 -0400
To: Philodox Clips List [EMAIL PROTECTED]
From: R.A. Hettinga [EMAIL PROTECTED]
Subject: [Clips] Venona Ten Years Later: Lessons for Today
Reply-To: [EMAIL PROTECTED]
Sender: [EMAIL PROTECTED]
John Kelsey [EMAIL PROTECTED] writes:
One nontrivial reason is that many organizations have spent a lot of time and
money building up elaborate rules for using PKI, after long negotiations
between legal and technical people, many hours of writing and revising,
gazillions of dollars in
Jaap-Henk Hoepman wrote:
Actually, Dutch banks already give users the option to recieve one-time
pass-codes by SMS to authenticate internet banking transactions (instead of
sending a list of those codes on paper by ordinary mail in advance). So it's
less unrealistic than you think.
there is
James A. Donald [EMAIL PROTECTED] writes:
The PKI that was designed to serve no very useful function other than make
everyone in the world pay $100 a year to Verisign is dead.
Yet the technology is potent, and the problems of identity and authenticity
are severe. We shall, bye and bye, see