biometrics

Ben Laurie ben at algroup.co.uk
Wed Feb 6 14:29:21 EST 2002


Dan Geer wrote:
> 
> 
> >   In the article they repeat the recommendation that you never
> >   use/register the same shared-secret in different domains ... for
> >   every environment you are involved with ... you have to choose a
> >   different shared-secret. One of the issues of biometrics as a
> >   "shared-secret password" (as opposed to the interface between you
> >   and your chipcard) is that you could very quickly run out of
> >   different, unique body parts.
> 
> Compare and contrast, please, with the market's overwhelming
> desire for single-sign-on (SSO).  Put differently, would the
> actual emergence of an actual SSO signal a market failure by
> the above analysis?

Surely the point about (good) SSO is that you control the domain you
share secrets with and that domain then certifies you to other domains -
thus avoiding the problem of sharing your secrets across domains.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---------------------------------------------------------------------
The Cryptography Mailing List