ID "theft" -- so what?
Ian Grigg
iang at systemics.com
Wed Jul 13 22:57:30 EDT 2005
On Wednesday 13 July 2005 23:31, Dan Kaminsky wrote:
>
> >This is yet more reason why I propose that you authorize transactions
> >with public keys and not with the use of identity information. The
> >identity information is widely available and passes through too many
> >hands to be considered "secret" in any way, but a key on a token never
> >will pass through anyone's hands under ordinary circumstances.
> >
> >
> >
> It's 2005, PKI doesn't work, the horse is dead.
He's not proposing PKI, but nymous accounts. The
account is the asset, the key is the owner; at the
simplest conceptual level it is the difference between
Paypal and e-gold.
But, thank the heavens that we now have reached
the point where people can honestly say that PKI
is the root cause of the problem. Can you now tell
the browser people?
> The credit-card sized
> number dispensers under development are likely to be what comes next.
Right, alongside nyms on a spectrum is big random
number-sized tokens. If you want to get sexy, go
for the blinded ones. It's all the same infrastructure,
we call it FC.
> Amusingly, your face is an asymmetric authenticator -- easy to
> recognize, hard to spoof.
True, but also easy to copy and can be stolen. For
some value, you don't want to go there.
https://www.financialcryptography.com/mt/archives/000440.html
iang
--
Advances in Financial Cryptography, Issue 2:
https://www.financialcryptography.com/mt/archives/000498.html
Mark Stiegler, An Introduction to Petname Systems
Nick Szabo, Scarce Objects
Ian Grigg, Triple Entry Accounting
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list