[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

The case against mega-certificates



At 11:47 AM 5/8/96 -0400, Bob Jueneman wrote:

>>One can use a (location,hash) pair to stand for any object

>Carl,  you may have missed the original comment, where I discussed
point-of-sale terminals, digital driver's licenses, etc., that would be
examined by a living person.  I wouldn't suggest using a "mega-certificate"
to access FTP files, although the question of how to biometrically
authenticate access controls at a distance is an interesting one (especially
considering replay attacks).

Bob,

        even if you restrict your attention to a physically present person
carrying a PCMCIA card, I would argue against a mega-certificate.  Of
course, the card would carry the image or sound recording or whatever so
that the point-of-sale-terminal operator would have it readily available
without a high speed net connection -- but there is no reason to include
that image in the actual certificate.  I would include the image's hash and
a pointer to the image (on the card).  For any use of the certificate which
doesn't care to display the image, you save all the hashing and retrieval
time of the image.  It's only when the operator wants to view the image and
verify its validity that you have to retrieve and hash the image, compare
hashes with the one in the cert and verify the cert.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison          cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc., Suite 430                   http://www.cybercash.com/    |
|2100 Reston Parkway           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Reston, VA 22091              Tel: (703) 620-4200                         |
+--------------------------------------------------------------------------+


Follow-Ups: