On Sat, 24 Mar 2001, David Honig wrote:
What the world needs now
is a membrane keyboard, used only for entering keys, which can be folded into a credit card and stored in your wallet. If not hung around your neck.
This reminds me of something I've had in the back of my mind for a while (thanks to the Oxygen project over at MIT). Is it useful to divide "available computation power" into these categories: 1) untrusted and "impersonal" 2) untrusted but personalized 3) trusted and "impersonal" 4) trusted and personal Here "personalized" is a purposely vague notion which is supposed to capture such things as, say, a Palm Pilot with your passphrases saved on it. That would be a "trusted and personal" computation device. A "trusted but impersonal" device might be something you have good reason to believe works correctly, but doesn't have any special information about you. I'm not clear on whether it's useful to distinguish between 1) and 2). Probably that depends on what is shoved into the word "personalized." The point of dividing computation into categories is that 4) is very rare, often computationally weak, but a little goes a long way. At least, given the right protocols. My brain is trusted and personal, but it can't do much more than remember a password. My Palm Pilot and my brain together can execute SRP or PAK or whatever - but my Palm Pilot doesn't need to remember my password. (it can be "trusted but impersonal", contrary to the example above). I'd be interested to hear where else this sort of categorisation has popped up, or whether people think it's useful. thanks, -David