Re: [Fwd: Re: Non-repudiation (was RE: The PAIN mnemonic)]

2004-01-07 Thread Jerrold Leichter
Now that we've trashed non-repudiation ... just how is it different from authentication? In both cases, there is a clear technical meaning (though as with anything in mathematics, when you get right down to it, the details are complex and may be important): To produce an authenticator/non-repudia

RE: Walton's Mountain notaries (identity requirements)

2004-01-07 Thread Carl Ellison
> -Original Message- > From: John Gilmore [mailto:[EMAIL PROTECTED] > Sent: Monday, January 05, 2004 3:11 PM > To: Carl Ellison > Cc: 'Paul A.S. Ward'; [EMAIL PROTECTED] > Subject: Re: Walton's Mountain notaries (identity requirements) > > > ... once again I heard

Nomination Deadline Extended to January 15th for Seventh Annual RSA(R) Conference Awards

2004-01-07 Thread R. A. Hettinga
Jan. 6, 2004 Silicon Valley Biz Ink :: The voice of the valley economy Press release distributed by PR Newswire Nomination Deadline Extended to January

RE: Difference between TCPA-Hardware and a smart card (was: examp le: secure computing kernel needed)

2004-01-07 Thread Anne & Lynn Wheeler
At 07:06 PM 1/6/2004 +1100, McMeikan, Andrew wrote: This is the real bit, how tied to identity can it be bound. How tightly do people want to be bound. In any abuse or failing of identity whatever that identity was authorized for is going to be the *Responsibility* of the true identity. I freque

RE: Difference between TCPA-Hardware and a smart card (was: examp le: secure computing kernel needed)

2004-01-07 Thread McMeikan, Andrew
> The original issue involves three factor authentication > > * something you have stealable perhaps > * something you know most people are careless with secrets > * something you are This is the real bit, how tied to identity can it be bound. How tightly do people want to be bound. In any abus

FC'04: 2nd Call for Participation

2004-01-07 Thread Hinde ten Berge
Financial Cryptography '04 9-12 February 2004 Key West, Florida, USA 2nd Call for Participation Note: Early registration ends on January 9th, 2004! Financial Cryptography is the premier international forum for education, exploration, and deb

Re: [Fwd: Re: Non-repudiation (was RE: The PAIN mnemonic)]

2004-01-07 Thread Ed Gerck
> In business, when repudiation of an act is anticipated we're reminded by Nicholas Bohm (whose clear thinking I know and appreciate for 6 years) that some lawyers find it useful to define "irrebuttable presumptions" -- a technique known to the law and capable of being instantiated in statute or

Re: Walton's Mountain notaries (identity requirements)

2004-01-07 Thread John Gilmore
> ... once again I heard the readings about the > edict from Caesar that all people return to their home towns to be counted > in a census. Maybe we can take a lesson from that - and have everyone > return to people who have known the person, uninterrupted, from birth to t

Re: Any good books or URLs for WinXP crypto & security?

2004-01-07 Thread Anton Stiglic
NSA Windows hardening guides: http://nsa2.www.conxion.com/ --Anton - The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: CIA - the cryptographer's intelligent aid?

2004-01-07 Thread Anton Stiglic
The thing about CIA is that it is commonly used in security (not cryptography) courses to mean Confidentiality, Integrity (of systems) and Availability (instead of Authentication). Availability of systems, services and information. For crypto I always talked about CAIN or PAIN (like in no PAIN no

RE: Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)

2004-01-07 Thread lynn
aka ... in some sense the reply http://www.garlic.com/~lynn/aadsm17.htm#0 is also attempting to keep separate the business processes of identification and authentication. Will it continue to be allowed to have authentication events (i can prove that i'm authorized to do something) w/o also alway

RE: Walton's Mountain notaries

2004-01-07 Thread Jerrold Leichter
| I might be - and it would be interesting to find out. However, that does | not necessarily mean that anyone you could find to witness your signature | also has the knowledge to tie you to that particular Dan Geer so carefully | documented in the genealogy site. | | I have people who can testify

Re: [Fwd: Re: Non-repudiation (was RE: The PAIN mnemonic)]

2004-01-07 Thread Ben Laurie
Ian Grigg wrote: Which leaves the issue of what we call the property that differentiates a private key signature from a MAC or MD? A private key signature can only be produced by the holder of the private key, and can be verified by anyone (who has the public key). That is, it is asymmetric, just