Florian Weimer wrote:
FINREAD is really interesting. I've finally managed to browse the
specs, and it looks as if this platform can be used to build something
that is secure against compromised hosts. However, I fear that the
support costs are too high, and that's why it hasn't caught on in
retail online banking.
if they can build a $100 PC ... you think that they could build a
finread terminal for a couple bucks. sometimes there are issues with
volume pricing ... you price high because there isn't a volume and there
isn't a volume because you price high.
there is one issue missing from the actual FINREAD specification.
when we were doing X9.59 financial standard ... we allowed for a digital
signature for authentication as well as for a digital signature from the
environment that the transaction was performed in. the issue from a
relying party standpoint ... is what assurances do they have as to the
actual environment that a transaction was executed in. consumers could
claim they were using a FINREAD terminal when they weren't. counterfeit
FINREAD terminals could be out in the wild.
part of the x9.59 financial standard looked at the assurance/integrity
that a relying party might have with regard to the actual authentication
... one factor, two factor, three factor ... and the actual
assurance/integrity of the associated factors (or conversely, how
vulnerable were the factors to compromise). this somewhat led into also
having to consider the assurance/integrity environment that the
authentication took place in (and what assurances would a relying party
have with regard to the environment).
part of it has been some past inclination to just specify some standard
... w/o regard to how a relying party might actual have assurances as to
whether some standard or another was being followed in an open
environment (and considering threat scenarios that might involve
compromise/impersonation of various components).
for instance, there was a recent scenario in the UK where crooks were
impersonating maint. people and were updating secure POS terminals with
compromised components.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
