[Cryptography] Possible reason why password usage rules are such a mess

Peter Gutmann pgut001 at cs.auckland.ac.nz
Sun Dec 20 21:55:21 EST 2020


Osman Kuzucu <bizbucaliyiz at hotmail.com> writes:

>Turkish Government has a solution called “E-imza” which is a centralized
>digital signature solution type of thing [...] they provide a X.509 compliant
>certificate for the citizen and then put this certificate and some additional
>keys (I couldn’t find any technical document which explains what type of
>additional keys) in a USB stick and ship it to the citizen. Later the citizen
>can legally sign documents using again another central app to authenticate
>themselves with the USB stick.

There's almost nothing available on this in English, once you get past any
top-level pages in English it's all in Turkish, but isn't this just an
incredibly complex way of doing something via a government (or equivalent
centralised) portal?  What advantage is being provided by the use of X.509?

Peter.





More information about the cryptography mailing list