[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: K-of-N subjects
-----BEGIN PGP SIGNED MESSAGE-----
At 12:47 PM 8/26/97 -0400, Michael C. Richardson wrote:
> I think k-of-n is of sufficient interest for CA type applications
>that I think that justifies it. It ought to be a SHOULD, not a MUST
>for implementations. I see CRC's (with pre-shared symmetric signing
>keys) being the tool to let devices with very small CPUs to act as
>verifiers. The relationship to Kerberos is strong here. Someone told
>me that NT 5.0 will have Kerberos...
This might be a real solution to the problem. Let's see what the
list thinks. Letting K-of-N be a "should" (something we don't bother
distinguishing yet) and planning for light and heavy weight tuple
reducing engines allows us to have our cake and eat it too if/when
we pair the small, dumb card processors with a trusted device on
the net. It certainly makes smartcard life easier...unless there
is a problem finding that trusted, networked device which has a
symmetric key in its memory -- for generating the CRC for the card.
- Carl
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQCVAwUBNAMkbFQXJENzYr45AQGtOQP+KmeaFgR7+BKyBQkRBnqW93QbSgLIbpiF
Vhia0fp/NSBAAI+ZGwEosUItp0Pa+FiwdqETMAIQoK5RqSOYY096VDwRu4Gkgr85
6673KlfaiqFAMyl5erA78nBeVnozsIReCivgTV0XU/gZKhZfL7vRmbohKjsgIf4B
FEBExV59FIw=
=PFTp
-----END PGP SIGNATURE-----
References: