Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
lynn at garlic.com
lynn at garlic.com
Mon Jan 5 13:19:06 EST 2004
aka ... in some sense the reply
http://www.garlic.com/~lynn/aadsm17.htm#0
is also attempting to keep separate the business processes of
identification and authentication. Will it continue to be allowed to have
authentication events (i can prove that i'm authorized to do something) w/o
also always mandating that whenever there is an authentication operation
will proof of identity always also be required?
today, I supposedly can open an ISP account, provide proof of payment and
supply a password for that account (w/o also having to provide a gene
pattern for identification). Would it ever be possible to simply substitute
a digital signature and public key in lieu of a password when opening an
account (where that digital signature may have been performed by a hardware
token)?
will it continue to be possible in the future to have separation between
authentication and identification business processes ... or will at some
time, things change and all authentication events also always require
identification?
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list