-- On 6 Jun 2003 at 17:45, Anne & Lynn Wheeler wrote:
??? public key registered in place of shared-secret?
NACHA debit trials using digitally signed transactions did it with both software keys as well as hardware tokens. http://internetcouncil.nacha.org/News/news.html in the above scroll down to July 23, 2001 ... has pointer to detailed report?
X9.59 straight forward establishes it as standard .... with some activity moving on to ISO http://www.garlic.com/~lynn/index.html#x959
pk-init draft for kerberos specifies that public key can be registered in place of shared secret.
following has demo of it with radius with public keys registered in place of shared-secret. http://www.asuretee.com/ the radius implementation has been done be a number of people.
in all of these cases, there is change in the business process and/or business relationship
Precisely. I am talking about direct substitution that should be almost invisible to both parties, using private keys exactly as passwords are used, except that the fake site trick fails. In fact one can do a direct substitution that is almost invisible to both parties, but it requires custom software on both client and server. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG EWYCMfM1ZE4FqHNgG8Xxq4Raoo0u92HCJxUTm9d6 4UkMVch4UVf7oFF6jEx+Nj5WJffMhrKnlz65qZyH1 --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com