Maybe It's Snake Oil All the Way Down

James A. Donald jamesd at echeque.com
Sat Jun 7 12:43:39 PDT 2003


    --
On 6 Jun 2003 at 17:45, Anne & Lynn Wheeler wrote:
> ??? public key registered in place of shared-secret?
>
> NACHA debit trials using digitally signed transactions did it
> with both software keys as well as hardware tokens. 
> http://internetcouncil.nacha.org/News/news.html in the above
> scroll down to July 23, 2001 ... has pointer to detailed
> report?
>
> X9.59 straight forward establishes it as standard .... with
> some activity moving on to ISO
> http://www.garlic.com/~lynn/index.html#x959
>
> pk-init draft for kerberos specifies that public key can be
> registered in place of shared secret.
>
> following has demo of it with radius with public keys
> registered in place of shared-secret.
> http://www.asuretee.com/ the radius implementation has been
> done be a number of people.
>
> in all of these cases, there is change in the business
> process and/or business relationship

Precisely.  I am talking about direct substitution that should
be almost invisible to both parties, using private keys exactly
as passwords are used, except that the fake site trick fails.

In fact one can do a direct substitution that is almost
invisible to both parties, but it requires custom software on
both client and server. 

    --digsig
         James A. Donald
     6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
     EWYCMfM1ZE4FqHNgG8Xxq4Raoo0u92HCJxUTm9d6
     4UkMVch4UVf7oFF6jEx+Nj5WJffMhrKnlz65qZyH1


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com





More information about the cypherpunks-legacy mailing list