Maybe It's Snake Oil All the Way Down
Anne & Lynn Wheeler
lynn at garlic.com
Fri Jun 6 16:45:35 PDT 2003
At 04:24 PM 6/6/2003 -0700, James A. Donald wrote:
>I don't think so.
??? public key registered in place of shared-secret?
NACHA debit trials using digitally signed transactions did it with both
software keys as well as hardware tokens.
http://internetcouncil.nacha.org/News/news.html
in the above scroll down to July 23, 2001 ... has pointer to detailed report?
X9.59 straight forward establishes it as standard .... with some activity
moving on to ISO
http://www.garlic.com/~lynn/index.html#x959
pk-init draft for kerberos specifies that public key can be registered in
place of shared secret.
following has demo of it with radius with public keys registered in place
of shared-secret.
http://www.asuretee.com/
the radius implementation has been done be a number of people.
in all of these cases, there is change in the business process and/or
business relationship .... doesn't introduce totally unrelated parties to
the business activities. the is digital signing on the senders side
(actually a subset of existing PKI technology) and digital signature
verification on the receivers side (again a subset of existing PKI
technology). To the extent that there is impact on existing business
process ... it is like in the case of introducing x9.59 authentication for
credit transactions that have relatively little authentication currently
.... and as a result would eliminate major portion of the existing credit
card transaction related fraud.
The big issue isn't the availability of the technology ... although there
is a slight nit in the asuretee case being FIPS186-2, ecdsa .... and having
support in CAPI and related infrastructures. It not working (easily) is
like when my wife and I were doing the original payment gateway .... with
this little client/server startup in menlo park (later moved to mountain
view and have since been bought by AOL) and people saying that SSL didn't
exist ... misc ref from the past
http://www.garlic.com/~lynn/aadsm5.htm#asrn2
http://www.garlic.com/~lynn/aadsm5.htm#asrn3
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cypherpunks-legacy
mailing list