-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
"James A. Donald" <jam...@echeque.com> writes:
> On 2013-03-06 4:41 AM, StealthMonger wrote:
>> 2. Prospective customer verification of merchant: Merchant includes
>> the ID of its signing key in every advertisement and repeatedly
>> admonishes prospects to "Accept No Substitutes".
> The key, and the hash of the key, is a long string of random
> gibberish. It should not be visible to end users. Experience
> demonstrates that showing it repels 99% of end users.
Merchant includes its telephone number in every advertisement and
repeatedly admonishes prospects to call.
The telephone number may be a long string of random digits. Yet end
users understand that they have to use it if they want to follow up.
Your only argument is that the key ID is "longer" or more "random". A
solution is redesign of the hash code so it doesn't have to be so long
plus maybe merchant generating and discarding lots of keys until
stumbling on one with a pronounceable hash.
These are not easily accomplished, but they would enable slaying the
CA dragon.
- --
-- StealthMonger <stealthmon...@nym.mixmin.net>
Long, random latency is part of the price of Internet anonymity.
anonget: Is this anonymous browsing, or what?
http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=source&output=gplain
stealthmail: Hide whether you're doing email, or when, or with whom.
mailto:stealthsu...@nym.mixmin.net?subject=send%20index.html
Key: mailto:stealthsu...@nym.mixmin.net?subject=send%20stealthmonger-key
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.9 <http://mailcrypt.sourceforge.net/>
iEYEARECAAYFAlE2+ZEACgkQDkU5rhlDCl7YdQCgqjS4QRv3XmyOgRC/Clf4pDHR
V9IAnikryad50gCwnaugi6YOyslXFlNN
=i1I8
-----END PGP SIGNATURE-----
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
