[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SDSI syntax -Reply

>>> Carl Ellison <cme@cybercash.com> 05/07/96 05:24pm >>>
At 12:24 PM 5/6/96 EDT, Ron Rivest wrote:
>>Bob Jueneman notes that large files (e.g. photos) and other documents may
>be common, as part of the discussion on canonicalization.

>One can use a (location,hash) pair to stand for any object -- no matter what size.  I, for one, would rather not send digitized photos or
voice along as part of a certificate I was using to get FTP access to some site.  I would want that to be small -- possibly referring to
such objects and incorporating them by reference but not schlepping them.

 - Carl

Carl,  you may have missed the original comment, where I discussed point-of-sale terminals, digital driver's licenses, etc., that would be
examined by a living person. I wouldn't suggest using a "mega-certificate" to access FTP files, although the question of how to
biometrically authenticate access controls at a distance is an interesting one (especially considering replay attacks).

The trade-off between including information in the certificate vs. having to retrieve the information from a remote source and compare
the message digest to the hash in the certificate cannot be made in a vacuum.  I can surely read information more quickly off ta CD-ROM
with a 6X or 8X drive than I can download it via modem at any speed less than T1.