Re: example: secure computing kernel needed

2003-12-28 Thread William Arbaugh
I must confess I'm puzzled why you consider strong authentication the same as remote attestation for the purposes of this analysis. It seems to me that your note already identifies one key difference: remote attestation allows the remote computer to determine if they wish to speak with my

Re: How broad is the SPEKE patent.

2005-11-09 Thread William Arbaugh
You may want to look at EAP-PAX. We tried to engineer around the patent land mines in the field when we designed it. This of course doesn't mean that someone won't claim it infringes on something. We also have a proof (not yet published) of security in a random oracle model. Best, Bill