[15092] in cryptography@c2.net mail archive
Re: Difference between TCPA-Hardware and a smart card (was: example:
daemon@ATHENA.MIT.EDU (bear)
Mon Dec 29 19:03:01 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Mon, 29 Dec 2003 13:24:29 -0800 (PST)
From: bear <bear@sonic.net>
To: Seth David Schoen <schoen@loyalty.org>
Cc: Antonomasia <ant@notatla.org.uk>, cme@acm.org,
cryptography@metzdowd.com
In-Reply-To: <20031223215339.GB7556@zork.net>
On Tue, 23 Dec 2003, Seth David Schoen wrote:
>When attestation is used, it likely will be passed in a service like
>HTTP, but in a documented way (for example, using a protocol based on
>XML-RPC). There isn't really any security benefit obtained by hiding
>the content of the attestation _from the party providing it_!
It's not the parties who are interested in security alone we're worried
about. There is an advantage in profiling and market research, so I
expect anyone able to effectively subvert the protocols to attempt
to hide the content of remote attestataion.
Bear
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
