dangers of TCPA/palladium

lynn.wheeler at firstdata.com
Tue Aug 6 00:47:33 EDT 2002


a lot of financial institutions went to certificates/credentials that only
contained an account number .... nothing else ... largely because of the
huge privacy exposure of any kind of identity certificate (everything about
you embedded in a certificate that is attached ... frequently totally in
the clear ... or at least at the end-points on every transaction ....
including intermediary points like merchants).

It was then possible to show (at least in the financial transaction &
relying-party-only certificates) that such certificates could easily be
compressed to zero bytes.
http://www.garlic.com/~lynn/index.html#aads

in the online financial transaction case, the merchant is interested in the
bank saying that the merchant gets the money ..... your identity isn't
necessary for that ... and in fact, the EU directive of making
point-of-sale transactions as anonymous as cash would also lead in that
direction. First step is removing your name from the piece of plastic, then
if the "plastic" credential doesn't have any identity .... why should there
be a certificate at all.


remail at aarg.net on 8/5/2002 6:25 pm wrote

Adam Back writes:
> To address privacy with for example Brands digital credentials, the
> underlying cryptography may be harder to understand, or at least less
> familiar, but I don't think using a toolkit based on Brands digital
> credentials would be significantly harder than using an identity or
> attribute based PKI toolkit.  Similar for Chaum's credentials or other
> approach.

Sure, but how many pages would it take in the spec to describe the
protocol?  Especially given their turgid technical-writer prose?
Brands took a whole book to describe his credentials thoroughly.

In any case, I agree that something like this would be an excellent
enhancement to the technology.  IMO it is very much in the spirit of TCPA.
I suspect they would be very open to this suggestion.




---------------------------------------------------------------------
The Cryptography Mailing List