On Thu, 1 Jun 2006, Florian Weimer wrote: > > That is an all purpose argument that is deployed > > selectively against some measures and not others. > > If you've deployed two-factor authentication (like German banks did in > the late 80s/early 90s), the relevant attacks do involve compromised > customer PCs. 8-( Just because you can't solve it with your technology > doesn't mean you can pretend the attacks don't happen.
You're both right. The problem is that we are talking about solutions but haven't yet agreed on a threat model to discuss. -- ?!ng --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
