The real problem that https has conspicuously failed to fix
Pete Chown
Pete.Chown at skygate.co.uk
Wed Jun 11 09:50:08 EDT 2003
Anonymous wrote:
> The solution to this [key theft by malware] is Palladium (NGSCB).
You could achieve the same protection on any system with decent
mandatory access controls. SELinux would be fine, for example. You
could have a program like ssh-agent which performs the public key
operations; you then deny everything else access to the key store.
--
Pete
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list