I am currently piloting a Java-bean based device I can use to control access to my PC, as well as any application or document in it. It's on the same carabiner I clip to my belt loops to hold my office access card. It's cheap to make - cheaper if it becomes popular - easy to handle (so far, knock wood, I said it was a pilot), and supports PKI too. Remember when ATM cards were a big deal? I do. From: John R. Christiansen Preston | Gates | Ellis LLP 701 Fifth Avenue, Seattle, Washington 98104 *Direct: 206.613.7118 - *Cell: 206.799.9388 * johnc@private Reader Beware: Internet e-mail is inherently insecure. Unencrypted e-mail may be accessible to unauthorized viewers, e-mail content may have been modified or corrupted, and e-mail headers or signatures may incorrectly identify the sender. If you wish to confirm the contents of this message or identity of the sender, or wish to arrange for more secure communication please contact me using a communications channel other than a "reply" to this e-mail. Thank you. -----Original Message----- From: Toby [mailto:toby@private] Sent: Thursday, July 18, 2002 12:04 PM To: Shaun Savage Cc: CRIME Subject: Re: CRIME Kerberos summation. Shaun Savage writes: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > > The problem that I see is the the public workstation is "not secure" > ~ and having the community carry "secure eletronic ID" would cost too > much to impliment. This would rule out public key systems, so the > login ID and password is the best for this semi secure enviroment. I > would like a system that has fine grain Access Control per user. > I was thinking about using kerberos different services for the access > control. A "secure electronic ID" could be nothing more than a floppy with your private key on it, encrypted with a symmetric key based on a long passphrase. I know people who do this with their PGP keys... t
This archive was generated by hypermail 2b30 : Thu Jul 18 2002 - 14:59:48 PDT