e$: I Never Meta-Certification...
Lucky Green
shamrock at netcom.com
Mon Aug 12 00:32:13 PDT 1996
At 18:30 8/11/96, Robert Hettinga wrote:
>Anyway, it's clear we're moving from a world of insecure transactions on
>private secure networks to one of secure transactions on insecure public
>networks. CAs, SSL, and the whole enterprise of encrypting links between
>accounting databases seem to be halfway measures to me. They're a way to
>create, like our friend from MIT says, a temporary private secure network,
>so you can send properly authorized, but still unsecure, book-entry down it.
>For that "proper authorization", you need the biometric identity a CA
>provides, so you can hunt down and jail miscreants who change the wrong book
>entry. I've even made biometric-identity CA jokes about "X.BlaBla" and
>"Numbers of the Beast", and all that.
Beware of biometrics. They can give a false sense of security. Case in
point: the other day, I picked up my girlfriend at an international airport
that uses hand shape scanners to control access to restricted areas. I had
her put her hand into the scanner, entered a random four digit code -- and
the scanner displayed "Access granted"... We quickly walked away.
-- Lucky Green <mailto:shamrock at netcom.com> PGP encrypted mail preferred.
Defeat the Demopublican Unity Party. Vote no on Clinton/Dole in November.
Vote Harry Browne for President.
More information about the cypherpunks-legacy
mailing list