attempt to address this area; rather than simple i agree/disagree
buttons ... they put little checkmarks at places in scrolled form you
have to at least scroll thru the document and click on one or more
checkmarks before doing the i agree button. a digital signature has
somewhat
There doesn't appear to be a discussion forum related to the Web post, so
I'll reply here.
We've gone through a similar thought process at my company. We have a
commercial security product (MatrixSSL), but provide an open source version
for many of the good points Daniel makes. There are a few
http://www.cnn.com/2004/LAW/07/21/cyber.theft/index.html
CNN
Identity theft case could be largest so far
Wednesday, July 21, 2004 Posted: 10:49 PM EDT (0249 GMT)
WASHINGTON (CNN) -- A Florida man was indicted Wednesday in an alleged
scheme to steal vast amounts of personal information, and
brief comments/suggestions:
1. The whole discussion on how much eavesdropping is a threat is
irrelevant. We all know it is a threat and the level is not important,
as SSL/TLS provide a good, inexpensive solution. Drop this topic.
2. Stop beating the dead horse (SET). But yes, we should learn
Barney Wolff wrote:
Pardon a naive question, but shouldn't the signing algorithm allow the
signer to add two nonces before and after the thing to be signed, and
make the nonces part of the signature? That would eliminate the risk
of ever signing something exactly chosen by an attacker, or at
At 01:39 PM 7/21/2004, Ed Gerck wrote:
The PKI model is not tied to any legal jurisdiction and is not a
business process. What is meant then by relying-party (RP) and
RP Reliance in X.509 and PKIX? I hope the text below, from a
work in progress submitted as an IETF ID, helps clarify this issue.