biometrics
Ben Laurie
ben at algroup.co.uk
Wed Feb 6 14:29:21 EST 2002
Dan Geer wrote:
>
>
> > In the article they repeat the recommendation that you never
> > use/register the same shared-secret in different domains ... for
> > every environment you are involved with ... you have to choose a
> > different shared-secret. One of the issues of biometrics as a
> > "shared-secret password" (as opposed to the interface between you
> > and your chipcard) is that you could very quickly run out of
> > different, unique body parts.
>
> Compare and contrast, please, with the market's overwhelming
> desire for single-sign-on (SSO). Put differently, would the
> actual emergence of an actual SSO signal a market failure by
> the above analysis?
Surely the point about (good) SSO is that you control the domain you
share secrets with and that domain then certifies you to other domains -
thus avoiding the problem of sharing your secrets across domains.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list