[Cryptography] Possible reason why password usage rules are such a mess
Sid Spry
sid at aeam.us
Sun Dec 20 23:24:04 EST 2020
On Sun, Dec 20, 2020, at 8:55 PM, Peter Gutmann wrote:
> Osman Kuzucu <bizbucaliyiz at hotmail.com> writes:
>
> >Turkish Government has a solution called “E-imza” which is a centralized
> >digital signature solution type of thing [...] they provide a X.509 compliant
> >certificate for the citizen and then put this certificate and some additional
> >keys (I couldn’t find any technical document which explains what type of
> >additional keys) in a USB stick and ship it to the citizen. Later the citizen
> >can legally sign documents using again another central app to authenticate
> >themselves with the USB stick.
>
> There's almost nothing available on this in English, once you get past any
> top-level pages in English it's all in Turkish, but isn't this just an
> incredibly complex way of doing something via a government (or equivalent
> centralised) portal? What advantage is being provided by the use of X.509?
>
> Peter.
>
Digital attestation for document signatures is the point. There are other
governments which do it, off the top of my head Germany is one?
The alternative is just putting an image of a signature on a box, which is
popular in the US.
More information about the cryptography
mailing list