Perry E. Metzger wrote:
> However, you need both the end to end communication and the hardware
> token with built in display and keyboard.
there are two issues for digital signatures ...

1) "something you have" authentication and
2) proof to the relying party as to the integrity level of the operations

it is possible to establish the integrity level of the hardware token at the time the public key is registered ... and then possibly track the token integrity level as it degrades over time (because of technology advances).

in the EU finread standard case
http://www.garlic.com/~lynn/subpubkey.html#finread

it assumed that the display/pinpad and the token were separate. in the case of relying party being able to evaluate the risk of the transaction ... then it would actually need the separate display/pinpad to also digitally sign the transaction (and also having previously registered the finread terminal public key and integrity level).

the co-signing by the separate display/pinpad was allowed for in x9.59 financial transaction standard
http://www.garlic.com/~lynn/index.html#x959
http://www.garlic.com/~lynn/supubkey.html#privacy

but not mandated.

when the display, pinpad, and token are all a single device ... then there would only be a requirement for a single digital signature ... representing both the "something you have" authentication as well as the integrity level of the signing environment.

in the *human signature* realm there is the aspect of many financial point-of-sale terminals where there is a requirement for some sort of manual, human interaction that demonstrates some sort of agreement, approval, and/or authorization of the transaction (in addition to the authentication operation). frequently this is a display of the transaction requiring the person to hit the agree/yes button ... as a separate operation from any authentication operations.

---------------------------------------------------------------------
The Cryptography Mailing List
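The relying-party evaluation described in the message above, as an added example that is not part of the original post and is not code from X9.59 or FINREAD. The record layout, the numeric integrity levels, the use of Ed25519, and the rule that the terminal co-signs the transaction body plus the token signature are all assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// Device is the relying party's registration record (hypothetical layout).
type Device struct {
	Pub        ed25519.PublicKey
	Integrity  int  // assumed numeric level, set at registration, lowered over time
	Integrated bool // display, pinpad and token are one device
}

// SignedTx carries the token signature and an optional terminal co-signature.
type SignedTx struct {
	Body, TokenSig, TermSig []byte
	TokenID, TermID         string
}

// Assess returns the signing-environment level; 0 means only "something you have" was shown.
func Assess(reg map[string]Device, tx SignedTx) (int, error) {
	tok, ok := reg[tx.TokenID]
	if !ok || !ed25519.Verify(tok.Pub, tx.Body, tx.TokenSig) {
		return 0, errors.New("token signature not verified")
	}
	if tok.Integrated {
		return tok.Integrity, nil // single signature covers both properties
	}
	if tx.TermSig == nil {
		return 0, nil // separate display/pinpad did not co-sign
	}
	term, ok := reg[tx.TermID]
	if !ok || !ed25519.Verify(term.Pub, append(append([]byte{}, tx.Body...), tx.TokenSig...), tx.TermSig) {
		return 0, errors.New("terminal co-signature not verified")
	}
	if term.Integrity < tok.Integrity {
		return term.Integrity, nil // weakest registered component bounds the level
	}
	return tok.Integrity, nil
}

func main() {
	tPub, tPriv, _ := ed25519.GenerateKey(nil)
	reg := map[string]Device{"tok": {tPub, 3, false}} // constructed registration
	body := []byte("pay 10.00 to merchant-1")         // constructed transaction
	fmt.Println(Assess(reg, SignedTx{Body: body, TokenSig: ed25519.Sign(tPriv, body), TokenID: "tok"}))
}
```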