Crypto dongles to secure online transactions

Bill Frantz frantz at
Wed Nov 18 12:22:01 EST 2009

johnl at (John Levine) on Wednesday, November 18, 2009 wrote:

>>Such a device does however need to be able to suppor multiple mutually
>>distrusting verifiers, thus the destination public key is managed by
>>the untrusted PC + browser, only the device signing key is inside
>>the trust boundary. A user should be able to enroll the same device
>>with another "bank", ...
>If you really need the ability to do that, I'd think it would be
>better to make an expandable version into which you could plug each
>bank's chip+pin cards, not try to invent a super-protocol for
>downloading a bank's preferred keys.

Perhaps I'm missing something, but my multiple banks will all accept my
signature when made with the same pen. Why wouldn't they not accept my
signature when made with the same, well protected, signing/user verifying
device. I might have to take it to the bank to give them its public key in
person, but that seems a minor inconvenience.

This kind of device sounds like a fine device for a banking industry
committee to specify.

Cheers - Bill

Bill Frantz        | Airline peanut bag: "Produced  | Periwinkle
(408)356-8506      | in a facility that processes   | 16345 Englewood Ave | peanuts and other nuts." - Duh | Los Gatos, CA 95032

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list