The real problem that https has conspicuously failed to fix

[Pete Chown]

Anonymous wrote:

> The solution to this [key theft by malware] is Palladium (NGSCB).

You could achieve the same protection on any system with decent 
mandatory access controls.  SELinux would be fine, for example.  You 
could have a program like ssh-agent which performs the public key 
operations; you then deny everything else access to the key store.

-- 
Pete


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com