On Wed, 14 Feb 1996, Michael Froomkin wrote:
Suppose Alice is a CA who issues anonymous age credentials. Bob is 15 Carol is 25 [...] What can stop Bob and Carol from subverting a scheme that relies on anonymous age creditials in this manner?
Transfer of credentials is a big problem in terms of computer based authentication. Authentication is traditionally carried out in one of three forms: * Authentication by knowledge(passwords) * Authentication by posession(key cards) * Authentication by being(biometrics) With the first two, which are overwhelmingly popular and cheap, the transfer of credentials is trivial. Even if they're not anonymous credentials, the fact that I can hand someone my driver's licence to swipe through a card reader next to a machine is a simple example of transfer of credentials problem. Ben. ____ Ben Samman..............................................samman@cs.yale.edu "If what Proust says is true, that happiness is the absence of fever, then I will never know happiness. For I am possessed by a fever for knowledge, experience, and creation." -Anais Nin PGP Encrypted Mail Welcomed Finger samman@powered.cs.yale.edu for key Want to give a soon-to-be college grad a job? Mail me for a resume