On Wednesday 13 July 2005 23:31, Dan Kaminsky wrote: > > >This is yet more reason why I propose that you authorize transactions > >with public keys and not with the use of identity information. The > >identity information is widely available and passes through too many > >hands to be considered "secret" in any way, but a key on a token never > >will pass through anyone's hands under ordinary circumstances. > > > > > > > It's 2005, PKI doesn't work, the horse is dead.
He's not proposing PKI, but nymous accounts. The account is the asset, the key is the owner; at the simplest conceptual level it is the difference between Paypal and e-gold. But, thank the heavens that we now have reached the point where people can honestly say that PKI is the root cause of the problem. Can you now tell the browser people? > The credit-card sized > number dispensers under development are likely to be what comes next. Right, alongside nyms on a spectrum is big random number-sized tokens. If you want to get sexy, go for the blinded ones. It's all the same infrastructure, we call it FC. > Amusingly, your face is an asymmetric authenticator -- easy to > recognize, hard to spoof. True, but also easy to copy and can be stolen. For some value, you don't want to go there. https://www.financialcryptography.com/mt/archives/000440.html iang -- Advances in Financial Cryptography, Issue 2: https://www.financialcryptography.com/mt/archives/000498.html Mark Stiegler, An Introduction to Petname Systems Nick Szabo, Scarce Objects Ian Grigg, Triple Entry Accounting --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]