At 18:30 8/11/96, Robert Hettinga wrote:

Anyway, it's clear we're moving from a world of insecure transactions on private secure networks to one of secure transactions on insecure public networks. CAs, SSL, and the whole enterprise of encrypting links between accounting databases seem to be halfway measures to me. They're a way to create, like our friend from MIT says, a temporary private secure network, so you can send properly authorized, but still unsecure, book-entry down it. For that "proper authorization", you need the biometric identity a CA provides, so you can hunt down and jail miscreants who change the wrong book entry. I've even made biometric-identity CA jokes about "X.BlaBla" and "Numbers of the Beast", and all that.

Beware of biometrics. They can give a false sense of security. Case in point: the other day, I picked up my girlfriend at an international airport that uses hand shape scanners to control access to restricted areas. I had her put her hand into the scanner, entered a random four digit code -- and the scanner displayed "Access granted"... We quickly walked away. -- Lucky Green <mailto:shamrock@netcom.com> PGP encrypted mail preferred. Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November. Vote Harry Browne for President.