Schneier on Smartcards and Holding Secrets
Adam Shostack
adam at homeport.org
Tue Apr 28 00:31:47 PDT 1998
Lucky Green wrote:
| On Mon, 27 Apr 1998, David Honig wrote:
|
| >
| > Bruce wrote a short letter to a trade mag (Internet world? I've
| > lost it since) worth reporting. The jist was, if a smartcard
| > contains Bank Secrets but is held by customers which do not
| > share the same goals/responsibility as the owner of the secrets, this is
| > *poor security design*.
|
| No kidding. Duh.
I make this point by saying 'if the smartcard is my agent, its useful.
If its the bank's agent--well, its under my complete control, isn't
it?'
Adam
--
Just be thankful that Microsoft does not manufacture pharmaceuticals.
More information about the cypherpunks-legacy
mailing list