Collected Postings

Client and Radius Authentication

aadsm2.htm#inetpki A PKI for the Internet (was RE: Scale (and the SRV

aadsm2.htm#account A different architecture? (was Re: certificate path

aadsm2.htm#straw AADS Strawman

aadsm2.htm#keyl4 On leaving the 56-bit key length limitation

aadsm2.htm#pkikrb PKI/KRB

aepay2.htm#privrule3 U.S. firms gird for privacy rules

aepay4.htm#comcert6 Merchant Comfort Certificates

aepay4.htm#comcert7 Merchant Comfort Certificates

aepay4.htm#rfc2807b RFC 2807 published today XML Signature Requirements

aepay4.htm#rfc2807c RFC 2807 published today XML Signature Requirements

ansiepay.htm#x959demo X9.59/AADS demos operational

99.html#216 Ask about Certification-less Public Key

99.html#217 AADS/X9.59 demo & standards at BAI (world-wide retail banking) show

99.html#224 X9.59/AADS announcement at BAI this week

99.html#229 Digital Signature on SmartCards

99.html#230 Radius Help help!!!

99.html#235 Attacks on a PKI

2000.html#33 SmartCard with ECC crypto

2000.html#47 TLS: What is the purpose of the client certificate request?

2000.html#57 RealNames hacked. Firewall issues

2000b.html#90 Question regarding authentication implementation

2000b.html#92 Question regarding authentication implementation

2000c.html#2 Financial Stnadards Work group?

2001c.html#8 Server authentication

2001c.html#9 Server authentication

2001c.html#34 PKI and Non-repudiation practicalities

2001d.html#20 What is PKI?

2001d.html#21 What is PKI?

2001d.html#46 anyone have digital certificates sample code

aepay6.htm#userauth MS masters NC mind-set (authentication is the key)

2001g.html#1 distributed authentication

2001g.html#3 distributed authentication

2001g.html#26 distributed authentication

aadsm6.htm#nonreput Sender and receiver non-repudiation

aadsm6.htm#nonreput2 Sender and receiver non-repudiation

aepay7.htm#ssexploit Shared-Secret exploit

2001h.html#74 Net banking, is it safe???

2001i.html#9 Net banking, is it safe???

2001j.html#49 Are client certificates really secure?

2001k.html#59 intranet security and user authentication questions

aadsm7.htm#auth Who or what to authenticate?

2001k.html#63 how to start write a Firewall authentication client software

aadsm7.htm#auth2 Who or what to authenticate?

aadsm7.htm#idcard AGAINST ID CARDS

aadsm7.htm#idcard2 AGAINST ID CARDS

aadsm9.htm#cfppki5 CFP: PKI research workshop

2002e.html#52 PKI and Relying Parties

2002l.html#3 why is Kerberos better than this simpler replacement

2002l.html#4 why is Kerberos better than this simpler replacement

2002o.html#42 use of RADIUS

2003.html#50 Origin of Kerberos

2003d.html#42 Authentification vs Encryption in a system to system interface

aadsm13.htm#30 How effective is open source crypto? (aads addenda)

2003e.html#57 Security in RADIUS (RFC2865)

2003e.html#58 Security in RADIUS (RFC2865)

2003g.html#70 Simple resource protection with public keys

2003h.html#13 Authentication protocol

2003h.html#18 Authentication protocol

aadsm14.htm#27 Maybe It's Snake Oil All the Way Down

2003j.html#25 Idea for secure login

aepay11.htm#70 Confusing Authentication and Identiification? (addenda)

2003m.html#1 Password / access rights check

2003m.html#50 public key vs passwd authentication?

2004h.html#21 Basics of key authentication

2005d.html#18 Digital signature with Javascript

2005g.html#48 "Best practices" or "Best implementations"?

2005g.html#49 "Best practices" or "Best implementations"?

2005i.html#2 Certificate Services

2005i.html#3 General PKI Question

2005i.html#4 Authentication - Server Challenge

2005i.html#23 The Worth of Verisign's Brand

2005i.html#27 REPOST: Authentication, Authorization TO Firewall

2005i.html#36 Improving Authentication on the Internet

2005j.html#18 Repository for digital certificates

aadsm19.htm#43 massive data theft at MasterCard processor

2005.html#5 Globus/GSI versus Kerberos

2005m.html#15 Course 2821; how this will help for CISSP exam ?

2005m.html#37 public key authentication

2005n.html#43 X509 digital certificate for offline solution

2005n.html#51 IPSEC and user vs machine authentication

2005o.html#9 Need a HOW TO create a client certificate for partner access

aadsm20.htm#37 Another entry in the internet security hall of shame

aadsm20.htm#38 Another entry in the internet security hall of shame

aadsm21.htm#4 Another entry in the internet security hall of shame

aadsm21.htm#7 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)

aadsm21.htm#8 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)

2005p.html#33 Digital Singatures question

2005p.html#35 PKI

2005p.html#40 how password is stored and check the authentication??

2005q.html#1 Effective micropayments

2005q.html#13 IPSEC with non-domain Server

2005q.html#23 Logon with Digital Siganture (PKI/OCES - or what else they're called)

2005q.html#29 IPSEC wireless router ?

2005s.html#24 What ever happened to Tandem and NonStop OS ?

2006c.html#35 X.509 and ssh

2006i.html#13 Multi-layered PKI implementation

2006i.html#25 Benefits of PKI - 5,000 nodes organization

aadsm23.htm#52 Status of opportunistic encryption

aadsm23.htm#56 UK Detects Chip-And-PIN Security Flaw

aadsm24.htm#8 Microsoft - will they bungle the security game?

2006u.html#4 ssh - password control or key control?

2006v.html#49 Patent buster for a method that increases password security

2007.html#15 SSL info

2007f.html#60 Certificates

2007u.html#51 folklore indeed

2007u.html#76 folklore indeed

aadsm28.htm#20 Fixing SSL (was Re: Dutch Transport Card Broken)

aadsm28.htm#31 Fixing SSL (was Re: Dutch Transport Card Broken)

2008j.html#45 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)

2008k.html#40 Calling Out

2008k.html#51 The PKC-only application security model

2008l.html#31 Authentication in the e-tailer / payment gateway / customer triangle

2008n.html#70 Could you please tell me about RADIUS authentication and how it works?

2008p.html#23 Your views on the increase in phishing crimes such as the recent problem French president Sarkozy faces

top , by subject : technology , networking , public key , integrity , Boyd - home

SSL Domain Name Server Certificates

aadsm2.htm#inetpki A PKI for the Internet (was RE: Scale (and the SRV

aadsm2.htm#integrity Scale (and the SRV record)

aadsm3.htm#kiss1 KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))

aadsm3.htm#kiss2 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp-00.txt))

aadsm3.htm#kiss3 KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))

aadsm3.htm#kiss4 KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))

aadsm3.htm#kiss5 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))

aadsm3.htm#kiss6 KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))

aadsm3.htm#kiss7 KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))

aadsm3.htm#kiss8 KISS for PKIX

aadsm3.htm#kiss9 KISS for PKIX .... password/digital signature

aadsm3.htm#kiss10 KISS for PKIX. (authentication/authorization seperation)

aadsm5.htm#asrn2 Assurance, e-commerce, and some x9.59 ... fyi

aadsm5.htm#asrn3 Assurance, e-commerce, and some x9.59 ... fyi

aepay3.htm#sslset2 "SSL & SET Query" ... from usenet group

aepay4.htm#comcert Merchant Comfort Certificates

aepay4.htm#comcert3 Merchant Comfort Certificates

aepay4.htm#comcert5 Merchant Comfort Certificates

aepay4.htm#comcert9 Merchant Comfort Certificates

aepay4.htm#comcert10 Merchant Comfort Certificates

aepay4.htm#comcert11 Merchant Comfort Certificates

aepay4.htm#comcert12 Merchant Comfort Certificates

aepay4.htm#comcert13 Merchant Comfort Certificates

aepay4.htm#comcert14 Merchant Comfort Certificates

aepay4.htm#comcert16 Merchant Comfort Certificates

aepay4.htm#dnsinteg2 Domain Name integrity problem

aepay4.htm#3dssl VISA 3D-SSL

aepay6.htm#gaopki4 GAO: Government faces obstacles in PKI security adoption

2000b.html#40 general questions on SSL certificates

2000b.html#93 Question regarding authentication implementation

2000e.html#40 Why trust root CAs?

2000e.html#47 Why trust root CAs?

2000e.html#50 Why trust root CAs?

2000e.html#51 Why trust root CAs?

2000g.html#25 SSL as model of security

2001c.html#8 Server authentication

2001c.html#9 Server authentication

2001c.html#62 SSL weaknesses

2001e.html#26 Can I create my own SSL key?

2001e.html#27 Can I create my own SSL key?

2001e.html#33 Can I create my own SSL key?

2001e.html#35 Can I create my own SSL key?

2001e.html#36 Can I create my own SSL key?

2001e.html#37 Can I create my own SSL key?

2001e.html#39 Can I create my own SSL key?

2001e.html#40 Can I create my own SSL key?

2001e.html#43 Can I create my own SSL key?

2001e.html#46 Can I create my own SSL key?

aadsm5.htm#conpki The Fundamental Inadequacies of Conventional PKI

2001e.html#49 Can I create my own SSL key?

2001e.html#56 Need explaination of PKI and Kerberos

aepay6.htm#crlwork do CRL's actually work?

aadsm5.htm#dspki use of digital signatures and PKI

aepay6.htm#dspki use of digital signatures and PKI

aepay6.htm#pkimort Problem with the (lingering) death of x.509 PKI ... forwarded ... fyi

2001g.html#2 Root certificates

2001g.html#10 Root certificates

2001g.html#16 Root certificates

2001g.html#17 Root certificates

2001g.html#19 Root certificates

2001g.html#21 Root certificates

2001g.html#25 Root certificates

2001g.html#31 Root certificates

2001g.html#40 Self-Signed Certificate

2001h.html#4 PKI/Digital signature doesn't work

2001h.html#6 PKI/Digital signature doesn't work

2001j.html#8 PKI (Public Key Infrastructure)

2001k.html#6 Is VeriSign lying???

2001l.html#22 Web of Trust

2001l.html#26 voice encryption box (STU-III for the masses)

2001l.html#29 voice encryption box (STU-III for the masses)

2001l.html#31 voice encryption box (STU-III for the masses)

aadsm8.htm#softpki Software for PKI

aadsm8.htm#softpki2 Software for PKI

aadsm8.htm#softpki3 Software for PKI

aadsm8.htm#softpki4 Software for PKI

aadsm8.htm#softpki5 Software for PKI

aadsm8.htm#softpki6 Software for PKI

aadsm8.htm#softpki7 Software for PKI

aadsm8.htm#softpki8 Software for PKI

aadsm8.htm#softpki9 Software for PKI

aadsm8.htm#softpki10 Software for PKI

aadsm8.htm#softpki11 Software for PKI

aadsm8.htm#softpki12 Software for PKI

2001m.html#21 misc. SSL

aadsm8.htm#softpki14 DNSSEC (RE: Software for PKI)

aadsm8.htm#softpki19 DNSSEC (RE: Software for PKI)

aadsm8.htm#softpki20 DNSSEC (RE: Software for PKI)

2001m.html#35 CA Certificate Built Into Browser Confuse Me

2001m.html#37 CA Certificate Built Into Browser Confuse Me

2001m.html#41 Solutions to Man in the Middle attacks?

2001n.html#57 Certificate Authentication Issues in IE and Verisign

2001n.html#58 Certificate Authentication Issues in IE and Verisign

2001n.html#73 A PKI question and an answer

aadsm9.htm#cfppki5 CFP: PKI research workshop

aadsm9.htm#cfppki6 CFP: PKI research workshop

aadsm10.htm#cfppki20 CFP: PKI research workshop

2002d.html#47 SSL MITM Attacks

2002e.html#56 PKI and Relying Parties

2002e.html#72 Digital certificate varification

2002g.html#65 Real man-in-the-middle attacks?

2002j.html#38 MITM solved by AES/CFB - am I missing something?!

2002j.html#58 SSL integrity guarantees in abscense of client certificates

2002j.html#59 SSL integrity guarantees in abscense of client certificates

2002j.html#61 SSL integrity guarantees in abscense of client certificates<

2002j.html#79 Q: Trust in an X.509 certificate

2002k.html#11 Serious vulnerablity in several common SSL implementations?

2002m.html#30 Root certificate definition

2002m.html#64 SSL certificate modification

2002m.html#65 SSL certificate modification

2002n.html#2 SRP authentication for web app

2002o.html#7 Are ssl certificates all equally secure?

2002o.html#10 Are ssl certificates all equally secure?

2002p.html#9 Cirtificate Authorities 'CAs', how curruptable are they to

2002p.html#10 Cirtificate Authorities 'CAs', how curruptable are they to

2002p.html#11Cirtificate Authorities 'CAs', how curruptable are they to

2002p.html#12 Cirtificate Authorities 'CAs', how curruptable are they to

2002p.html#17 Cirtificate Authorities 'CAs', how curruptable are they to

2002p.html#18 Cirtificate Authorities 'CAs', how curruptable are they to

2002p.html#19 Cirtificate Authorities 'CAs', how curruptable are they to

2002p.html#20 Cirtificate Authorities 'CAs', how curruptable are they to

2002p.html#21 Cirtificate Authorities 'CAs', how curruptable are they to

aepay10.htm#75 Invisible Ink, E-signatures slow to broadly catch on (addenda)

aepay10.htm#76 Invisible Ink, E-signatures slow to broadly catch on (addenda)

aepay10.htm#77 Invisible Ink, E-signatures slow to broadly catch on (addenda)

aepay10.htm#78 ssl certs

aepay10.htm#79 ssl certs

aepay10.htm#80 Invisible Ink, E-signatures slow to broadly catch on (addenda)

aepay10.htm#81 SSL certs & baby steps

aepay10.htm#82 SSL certs & baby steps (addenda)

aepay10.htm#83 SSL certs & baby steps

aadsm12.htm#67 Offline Root CA with valid CRL hierachie

2003.html#52 SSL & Man In the Middle Attack

2003.html#63 SSL & Man In the Middle Attack

aepay11.htm#5 Self-Regulating SSL Certificate Authority

aadsm13.htm#10X.500, LDAP Considered harmful Was: OCSP/LDAP

2003d.html#29 SSL questions

2003d.html#30 SSL questions

aadsm13.htm#25 Certificate Policies (addenda)

aadsm13.htm#26 How effective is open source crypto?

aadsm13.htm#28 How effective is open source crypto? (addenda)

aadsm13.htm#29 How effective is open source crypto? (bad form)

aadsm13.htm#32 How effective is open source crypto? (bad form)

aadsm13.htm#33 How effective is open source crypto? (bad form)

aadsm13.htm#34 How effective is open source crypto? (bad form)

aadsm13.htm#35 How effective is open source crypto? (bad form)

aadsm13.htm#36 How effective is open source crypto? (bad form)

aadsm13.htm#37 How effective is open source crypto?

2003f.html#25 New RFC 3514 addresses malicious network traffic

aadsm14.htm#9 "Marginot Web" (SSL, payments, etc)

aadsm14.htm#36 An attack on paypal

aadsm14.htm#37 Keyservers and Spam

2003l.html#36 Proposal for a new PKI model (At least I hope it's new)

2003l.html#43 Proposal for a new PKI model (At least I hope it's new)

2003l.html#45 Proposal for a new PKI model (At least I hope it's new)

2003l.html#46 Proposal for a new PKI model (At least I hope it's new)

2003l.html#51 Proposal for a new PKI model (At least I hope it's new)

2003l.html#52 Proposal for a new PKI model (At least I hope it's new)

2003l.html#53 Proposal for a new PKI model (At least I hope it's new)

2003l.html#54 Proposal for a new PKI model (At least I hope it's new)

2003l.html#55 Proposal for a new PKI model (At least I hope it's new)

2003l.html#57 Proposal for a new PKI model (At least I hope it's new)

2003l.html#60 Proposal for a new PKI model (At least I hope it's new)

aadsm15.htm#7 Is cryptography where security took the wrong branch?

aadsm15.htm#16 how simple is SSL? (Re: Monoculture)

2003n.html#10 Cracking SSL

aadsm15.htm#26 SSL, client certs, and MITM (was WYTM?)

aadsm15.htm#27 SSL, client certs, and MITM (was WYTM?)

aadsm15.htm#28 SSL, client certs, and MITM (was WYTM?)

2003p.html#20 Dumb anti-MITM hacks / CAPTCHA application

2004b.html#39 SSL certificates

2004b.html#40 SSL certificates

2004b.html#41 SSL certificates

aadsm17.htm#18 PKI International Consortium

aadsm17.htm#37 Moving forward with pre-shared keys

2004g.html#6 Adding Certificates

aadsm17.htm#60 Using crypto against Phishing, Spoofing and Spamming

aadsm18.htm#14 In Search of Eve - the upper boundary on Mallory

aadsm18.htm#15 In Search of Eve - the upper boundary on Mallory

aadsm18.htm#16 In Search of Eve - the upper boundary on Mallory

2004h.html#28 Convince me that SSL certificates are not a big scam

2004h.html#58 New Method for Authenticated Public Key Exchange without Digital Certificates

2004h.html#59 New Method for Authenticated Public Key Exchange without Digital Certificates

2004i.html#2 New Method for Authenticated Public Key Exchange without Digital Certificates

2004i.html#4 New Method for Authenticated Public Key Exchange without Digital Certificates

2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates

2004i.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates

2004m.html#12 How can I act as a Certificate Authority (CA) with openssl ??

aadsm18.htm#43 SSL/TLS passive sniffing

2004q.html#42 browser without "padlock" secure?

2004q.html#53 [Lit.] Buffer overruns

2005.html#35 Do I need a certificat?

2005b.html#32 Noobie SSL certificate problem

2005c.html#52 A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)

2005e.html#22 PKI: the end

2005e.html#25 PKI: the end

2005e.html#26 PKI: the end

2005e.html#27 PKI: the end

2005e.html#45 TLS-certificates and interoperability-issues sendmail/Exchange/postfix

2005e.html#51 TLS-certificates and interoperability-issues sendmail/Exchange/postfix

2005f.html#9 TLS-certificates and interoperability-issues sendmail/Exchange/postfix

2005f.html#20 Some questions on smart cards (Software licensing using smart cards)

aadsm19.htm#8 GeoTrust says existing PKI practices are worthless

2005g.html#0 What is a Certificate?

2005g.html#1 What is a Certificate?

2005g.html#9 What is a Certificate?

2005g.html#44 Maximum RAM and ROM for smartcards

2005g.html#45 Maximum RAM and ROM for smartcards

2005g.html#50 Maximum RAM and ROM for smartcards

2005h.html#8 keysigning: identity checks

2005h.html#27 How do you get the chain of certificates & public keys securely

2005h.html#29 Dealing with warning that certifcate can't be trusted?

2005i.html#0 More Phishing scams, still no SSL being used

2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom

2005i.html#3 General PKI Question

aadsm19.htm#13 What happened with the session fixation bug?

2005i.html#7 Improving Authentication on the Internet

2005i.html#8 More Phishing scams, still no SSL being used

2005i.html#9 More Phishing scams, still no SSL being used

2005i.html#21 The Worth of Verisign's Brand

2005i.html#34 The Worth of Verisign's Brand

2005i.html#36 Improving Authentication on the Internet

aadsm19.htm#17 What happened with the session fixation bug?

2005k.html#29 More Phishing scams, still no SSL being used

2005k.html#60 The Worth of Verisign's Brand

2005l.html#1 The Worth of Verisign's Brand

aadsm19.htm#42 massive data theft at MasterCard processor

2005l.html#21 The Worth of Verisign's Brand

2005l.html@23 The Worth of Verisign's Brand

2005l.html#24 The Worth of Verisign's Brand

2005l.html#32 More Phishing scams, still no SSL being used

2005m.html#0 simple question about certificate chains

2005m.html#1 Creating certs for others (without their private keys)

2005m.html#18 S/MIME Certificates from External CA

aadsm20.htm#9 the limits of crypto and authentication

2005m.html#45 Digital ID

2005n.html#5 Wildcard SSL Certificates

2005n.html#9 Which certification authority to use

aadsm20.htm#26 [Clips] Does Phil Zimmermann need a clue on VoIP?

aadsm20.htm#27 [Clips] Does Phil Zimmermann need a clue on VoIP?

aadsm20.htm#31 The summer of PKI love

aadsm20.htm#32 How many wrongs do you need to make a right?

aadsm20.htm#37 Another entry in the internet security hall of shame

2005o.html#41 Certificate Authority of a secured P2P network

2005o.html#42 Catch22. If you cannot legally be forced to sign a document etc - Tax Declaration etc etc etc

aadsm20.htm#43 Another entry in the internet security hall of shame

2005p.html#32 PKI Certificate question

2005q.html#29 IPSEC wireless router ?

2005s.html#24 What ever happened to Tandem and NonStop OS ?

2005s.html#49 phishing web sites using self-signed certs

2005t.html#0 TTP and KCM

2005t.html#6 phishing web sites using self-signed certs

2005t.html#32 RSA SecurID product

2005t.html#34 RSA SecurID product

aadsm21.htm#22 Broken SSL domain name trust model

aadsm21.htm#23 Broken SSL domain name trust model

aadsm21.htm#24 Broken SSL domain name trust model

2005u.html#2 PGP Lame question

2005u.html#8 PGP Lame question

2005u.html#9 PGP Lame question

aadsm21.htm#28 X.509 / PKI, PGP, and IBE Secure Email Technologies

aadsm21.htm#34 X.509 / PKI, PGP, and IBE Secure Email Technologies

aadsm21.htm#36 browser vendors and CAs agreeing on high-assurance certificates

aadsm21.htm#39 X.509 / PKI, PGP, and IBE Secure Email Technologies

aadsm21.htm#40 X.509 / PKI, PGP, and IBE Secure Email Technologies

aadsm21.htm#41 X.509 / PKI, PGP, and IBE Secure Email Technologies

aadsm22.htm#0 GP4.3 - Growth and Fraud - Case #3 - Phishing

2006.html#33 The new High Assurance SSL Certificates

2006c.html#10 X.509 and ssh

2006c.html#13 X.509 and ssh

aadsm22.htm#17 Major Browsers and CAS announce balkanisation of Internet Security

2006c.html#35 X.509 and ssh

2006c.html#36 Secure web page?

2006c.html#38 X.509 and ssh

2006c.html#39 X.509 and ssh

2006d.html#26 Caller ID "spoofing"

2006d.html#28 Caller ID "spoofing"

2006d.html#29 Caller ID "spoofing"

aadsm22.htm#18 "doing the CA statement shuffle" and other dances

aadsm22.htm#19 "doing the CA statement shuffle" and other dances

2006e.html#42 SSL Certificate Signing

2006f.html#15 trusted certificates and trusted repositories

2006f.html#17 trusted certificates and trusted repositories

2006f.html#29 X.509 and ssh

2006f.html#32 X.509 and ssh

2006f.html#33 X.509 and ssh

2006f.html#34 X.509 and ssh

aadsm23.htm#3 News and Views - Mozo, Elliptics, eBay + fraud, naïve use of TLS and/or tokens

2006h.html#27 confidence in CA

2006h.html#34 The Pankian Metaphor

aadsm23.htm#15 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan

2006j.html#47 where do I buy a SSL certificate?

2006j.html#48 where do I buy a SSL certificate?

2006k.html#2 Hey! Keep Your Hands Out Of My Abstraction Layer!

2006k.html#17 Hey! Keep Your Hands Out Of My Abstraction Layer!

2006k.html#19 Hey! Keep Your Hands Out Of My Abstraction Layer!

aadsm23.htm#47 Status of opportunistic encryption

aadsm24.htm#24 It's official! SSH whips HTTPS butt! (in small minor test of no import....)

aadsm24.htm#31 DDA cards may address the UK Chip&Pin woes

aadsm24.htm#33 Threatwatch - 2-factor tokens attacked by phishers

aadsm24.htm#44 Case Study: Thunderbird's brittle security as proof of Iang's 3rd Hypothesis in secure design: there is only one mode, and it's secure

aadsm25.htm#17 Hamiltonian path as protection against DOS

2006p.html#7 SSL, Apache 2 and RSA key sizes

aadsm25.htm#36 signing all outbound email

2006s.html#11 Why not 2048 or 4096 bit RSA key issuance?

2006t.html#2 Is the teaching of non-reentrant HLASM coding practices ever defensible?

2006t.html#8 Root CA CRLs

aadsm26.htm#1 Extended Validation - setting the minimum liability, the CA trap, the market in browser governance

2006v.html#49 Patent buster for a method that increases password security

2006w.html#15 more secure communication over the network

2006x.html#36 SSL security with server certificate compromised

2006y.html#7 Securing financial transactions a high priority for 2007

2007.html#7 SSL info

2007.html#15 SSL info

2007.html#17 SSL info

2007b.html#53 Forbidding Special characters in passwords

2007c.html#30 Securing financial transactions a high priority for 2007

2007c.html#51 Securing financial transactions a high priority for 2007

aadsm26.htm#25 EV - what was the reason, again?

aadsm26.htm#26 man in the middle, SSL

aadsm26.htm#27 man in the middle, SSL ... addenda

aadsm26.htm#28 man in the middle, SSL

2007d.html#26 Securing financial transactions a high priority for 2007

aadsm26.htm#31 man in the middle, SSL ... addenda 2

aadsm26.htm#32 Failure of PKI in messaging

aadsm26.htm#33 Failure of PKI in messaging ... addenda

aadsm26.htm#34 Failure of PKI in messaging

2007d.html#35 MAC and SSL

2007d.html#36 MAC and SSL

2007d.html#60 SLL Certificate

2007d.html#67 SLL Certificate

2007f.html#31 Is that secure : <form action="https" from a local HTML page ?

2007f.html#75 Securing financial transactions a high priority for 2007

2007g.html#32 Can SSL sessions be compromised?

2007g.html#38 Can SSL sessions be compromised?

2007g.html#60 Can SSL sessions be compromised?

2007g.html#63 The Perfect Computer - 36 bits?

2007g.html#50 DNSSEC to be strangled at birth

aadsm26.htm#51 The One True Identity -- cracks being examined, filled, and rotted out from the inside

aadsm26.htm#52 The One True Identity -- cracks being examined, filled, and rotted out from the inside

aadsm26.htm#53 The One True Identity -- cracks being examined, filled, and rotted out from the inside

2007h.html#20 sizeof() was: The Perfect Computer - 36 bits?

2007h.html#21 asymmetric cryptography + digital signature

2007h.html#22 sizeof() was`: The Perfect Computer - 36 bits?

2007h.html#26 sizeof() was: The Perfect Computer - 36 bits?

2007h.html#67 SSL vs. SSL over tcp/ip

aadsm27.htm#0 H6.2 Most Standardised Security Protocols are Too Heavy

2007k.html#32 SSL Security

aadsm27.htm#14 307 digit number factored

aadsm27.htm#15 307 digit number factored

aadsm27.htm#16 dnssec?

aadsm27.htm#18 PKI moving to adopt the plugin model -- realignment to security based on user-needs?

aadsm27.htm#19 307 digit number factored

aadsm27.htm#20 307 digit number factored

2007k.html#79 John W. Backus, 82, Fortran developer, dies

2007l.html#0 John W. Backus, 82, Fortran developer, dies

2007l.html#6 John W. Backus, 82, Fortran developer, dies

2007l.html#41 My Dream PC -- Chip-Based

2007m.html#41 X.509 weakness?

aadsm27.htm#30 A secure Internet requires a secure network protocol

2007n.html#5 John W. Backus, 82, Fortran developer, dies

2007n.html#9 John W. Backus, 82, Fortran developer, dies

aadsm27.htm#35 The bank fraud blame game

207q.html#1 what does xp do when system is copying

2007q.html#30 what does xp do when system is copying

aadsm27.htm#62 Fingerprint Firefox Plugin?

2007q.html#72 Value of SSL client certificates?

2007r.htmL#12 How to tell a fake SSL certificate from a real one

2007r.html#17 How to tell a fake SSL certificate from a real one

2007r.html#18 How to tell a fake SSL certificate from a real one

2007r.html#19 How to tell a fake SSL certificate from a real one

2007r.html#24 How to tell a fake SSL certificate from a real one

2007s.html#23 The new urgency to fix online privacy

2007t.html#61 Crypto Related Posts

2007u.html#76 folklore indeed

2008.html#61 1975 movie "Three Days of the Condor" tech stuff

aadsm28.htm#21 Dutch Transport Card Broken

aadsm28.htm#47 delegating SSL certificates

aadsm28.htm#48 World's biggest PKI goes open source: DogTag is released

aadsm28.htm#79 User interface, security, and "simplicity"

2008h.html#72 SSL certificates - from a customer's point of view (trust)

aadsm28.htm#82 Can we copy trust?

2008i.html#70 Next Generation Security

2008j.html#63 CLIs and GUIs

2008k.html#29 dollar coins

2008k.html#74 Top 10 vulnerabilities for service orientated architecture?

2008l.html#28 Verifying Verified By Visa - Registration breaks chain of trust

2008l.html#34 Authentication in the e-tailer / payment gateway / customer triangle

2008l.html#46 z/OS BIND9 DNS Vulnerable to Cache Poisoning Attack Problem?

2008l.html#50 IBM manual web pages

2008l.html#52 Quality of IBM school clock systems?

2008l.html#69 Verifying Verified By Visa - Registration breaks chain of trust

2008n.html#55 In your experience which is a superior debit card scheme - PIN based debit or signature debit?

2008n.html#92 How did http get a port number as low as 80?

2008n.html#93 How did http get a port number as low as 80?

2008n.html#96 Wachovia Bank web site

2008n.html#100 Wachovia Bank web site

2008o.html#4 Wachovia Bank web site

2008o.html#11 Browser Security UI: the horns of the dilemma

2008q.html#3 GPG

top , by subject : technology , networking , public key , integrity , Boyd - home

X9.59, Identity, Authentication, and Privacy

aadsm2.htm#anon anonymity in current infrastructure

aadsm2.htm#privacy Identification and Privacy are not Antinomies

aadsm2.htm#mauthauth Human Nature

aadsm2.htm#stall EU digital signature initiative stalled

aadsm2.htm#straw AADS Strawman

aadsm4.htm#9 Thin PKI won - You lost

aadsm5.htm#x959 X9.59 Electronic Payment Standard

aadsm5.htm#xmlvch implementations of "XML Voucher: Generic Voucher Language"?

aadsm5.htm#shock revised Shocking Truth about Digital Signatures

aadsm5.htm#shock2 revised Shocking Truth about Digital Signatures

aadsmail.htm#mfraud AADS, X9.59, security, flaws, privacy

aadsmail.htm#vbank Statistical Attack Against Virtual Banks (fwd)

aepay2.htm#aadspriv Account Authority Digital Signatures ... in support of x9.59

aepay2.htm#morepriv [E-CARM] AADS, x9.59, & privacy

aepay2.htm#privrules U.S. firms gird for privacy rules

aepay2.htm#privrule2 U.S. firms gird for privacy rules

aepay2.htm#privrule3 U.S. firms gird for privacy rules

aepay3.htm#riskm The Thread Between Risk Management and Information Security

aepay3.htm#votec (my) long winded observations regarding X9.59 & XML, encryption and certificates

aepay3.htm#gap2 [ISN] Card numbers, other details easily available at online stores

aepay3.htm#privacy misc. privacy

aepay3.htm#x959risk2 Risk Management in AA / draft X9.59

aepay3.htm#smrtcrd Smart Cards with Chips encouraged ... fyi

aepay4.htm#privis privacy issues

aepay5.htm#pkiillfit Some PKI references from yesterday's SlashDot

aepay6.htm#harvest2 shared-secrets, CC#, & harvesting CC#

aepay6.htm#dsdebate Digital Signatures Spark Debate

ansiepay.htm#privacy more on privacy

ansiepay.htm#x959bai X9.59/AADS announcement at BAI

ansiepay.htm#theory Security breach raises questions about Internet shopping

ansiepay.htm#scaads X9.59 related press release at smartcard forum

98.html#0 Account Authority Digital Signature model

98.html#41 AADS, X9.59, & privacy

98.html#48 X9.59 & AADS

99.html#165 checks (was S/390 on PowerPC?)

99.html#171 checks (was S/390 on PowerPC?)

99.html#189 Internet Credit Card Security

99.html#216 Ask about Certification-less Public Key

99.html#217 AADS/X9.59 demo & standards at BAI (world-wide retail banking) show

99.html#224 X9.59/AADS announcement at BAI this week

99.html#228 Attacks on a PKI

99.html#229 Digital Signature on SmartCards

2000.html#36 "Trusted" CA - Oxymoron?

2000.html#60 RealNames hacked. Firewall issues

2000b.html#40 general questions on SSL certificates

2000b.html#53 Digital Certificates-Healthcare Setting

2000b.html#90 Question regarding authentication implementation

2000c.html#26 The first "internet" companies?

2000f.html#72 SET; was Re: Why trust root CAs?

2000g.html#5 e-commerce: Storing Credit Card numbers safely

2000g.html#33 does CA need the proof of acceptance of key binding?

2000g.html#34 does CA need the proof of acceptance of key binding?

2001.html#67 future trends in asymmetric cryptography

2001.html#73 how old are you guys

2001b.html#14 IBM's announcement on RVAs

2001b.html#85 what makes a cpu fast

2001c.html#42 PKI and Non-repudiation practicalities

2001c.html#56 PKI and Non-repudiation practicalities

2001c.html#57 PKI and Non-repudiation practicalities

2001c.html#58 PKI and Non-repudiation practicalities

2001c.html#72 PKI and Non-repudiation practicalities

2001d.html#7 Invalid certificate on 'security' site

2001d.html#8 Invalid certificate on 'security' site

2001d.html#19 [Newbie] Authentication vs. Authorisation?

2001d.html#41 solicit advice on purchase of digital certificate

2001e.html#26 Can I create my own SSL key?

2001e.html#33 Can I create my own SSL key?

2001e.html#35 Can I create my own SSL key?

2001e.html#36 Can I create my own SSL key?

2001f.html#15 Medical data confidentiality on network comms

2001f.html#24 Question about credit card number

2001f.html#31 Remove the name from credit cards!

aadsm5.htm#liex509 Lie in X.BlaBla

aadsm5.htm#pkimort PKI: Evolve or Die

aepay6.htm#dspki2 use of digital signatures and PKI

aepay6.htm#dspki3 use of digital signatures and PKI (addenda)

aepay6.htm#pkimort2 problem with the death of X.509 PKI (forwarded)

aepay6.htm#dspki4 use of digital signatures and PKI (addenda)

aepay6.htm#userauth2 MS masters NC mind-set (authentication is the key)

aepay6.htm#itheft "Gurard against Identity Theft" (arrived in the post today)

2001f.html#77 FREE X.509 Certificates

2001f.html#79 FREE X.509 Certificates

2001g.html#0 FREE X.509 Certificates

2001g.html#1 distributed authentication

2001g.html#11 FREE X.509 Certificates

2001g.html#12 FREE X.509 Certificates

aepay7.htm#nonrep0 non-repudiation, was Re: crypto flaw in secure mail standards

aepay7.htm#nonrep1 non-repudiation, was Re: crypto flaw in secure mail standards

aepay7.htm#nonrep2 non-repudiation, was Re: crypto flaw in secure mail standards

aepay7.htm#nonrep3 non-repudiation, was Re: crypto flaw in secure mail standards

aepay7.htm#nonrep4 non-repudiation, was Re: crypto flaw in secure mail standards

aepay7.htm#nonrep5 non-repudiation, was Re: crypto flaw in secure mail standards

aepay7.htm#nonrep6 non-repudiation, was Re: crypto flaw in secure mail standards

2001g.html#65 PKI/Digital signature doesn't work

2001g.html#68 PKI/Digital signature doesn't work

2001h.html#53 Net banking, is it safe???

2001h.html#58 Net banking, is it safe???

aepay7.htm#netbank net banking, is it safe?? ... power to the consumer

2001i.html#9 Net banking, is it safe???

2001i.html#53 Credit Card # encryption

2001j.html#9 E-commerce security????

aadsm6.htm#terror Did Encryption Empower These Terrorists?

aadsm6.htm#terror Did Encryption Empower These Terrorists?

aadsm6.htm#terror7 Did Encryption Empower These Terrorists?

aadsm6.htm#terror9 Did Encryption Empower These Terrorists?

aadsm6.htm#terror10 Did Encryption Empower These Terrorists?

aepay7.htm#liberty Network Identity Alliance -- Liberty Alliance Project

aadsm7.htm#cryptofree Erst-Freedom: Sic Semper Political Cryptography

aepay7.htm#edsecure4 3D Secure Vulnerabilities? Photo ID's and Payment Infrastructure

aadsm9.htm#privacy Seeking Privacy Online, Even as Security Tightens

aadsm9.htm#cfppki CFP: PKI research workshop

aadsm9.htm#cfppki2 CFP: PKI research workshop

aadsm9.htm#cfppki3 CFP: PKI research workshop

aadsm9.htm#cfppki4 CFP: PKI research workshop

aadsm10.htm#hackhome Hackers Targeting Home Computers

aadsm10.htm#hackhome2 Hackers Targeting Home Computers

aadsm10.htm#anonpay Crypto Winter (Re: Looking back ten years: Another Cypherpunks failure)

2002f.html#32 Biometric Encryption: the solution for network intruders?

2002f.html#34 Security and e-commerce

aadsm11.htm#6 Meaning of Non-repudiation

aadsm11.htm#6 Meaning of Non-repudiation

aadsm11.htm#17 Alternative to Microsoft Passport: Sunshine vs Hai

aadsm11.htm#28 Proposal: A replacement for 3D Secure

aadsm11.htm#45 Giuliani: ID cards won't curb freedoms

aadsm12.htm#4 3D-Secure and Passport

2002j.html#18 Symmetric-Key Credit Card Protocol on Web Site

2002l.html#35 Cryptography

2002m.html#17 A new e-commerce security proposal

2002m.html#38 Convenient and secure eCommerce using POWF

aepay10.htm#46 x9.73 Cryptographic Message Syntax

2002m.html#53 Authentication of others is a privilege, not a right

2002m.html#55 Beware, Intel to embed digital certificates in Banias

aadsm12.htm#32 Employee Certificates - Security Issues

2002n.html#13 Help! Good protocol for national ID card?

2002n.html#30 Help! Good protocol for national ID card?

aadsm12.htm#37 Legal entities who sign

aadsm12.htm#38 Legal entities who sign

aepay10.html#55 Meeting to mull privacy standard's next step

aadsm12.htm#39 Identification = Payment Transaction?

2002o.html#56 Certificate Authority: Industry vs. Government

2002o.html#57 Certificate Authority: Industry vs. Government

2002o.html#62 Certificate Authority: Industry vs. Government

2002o.html#67 smartcard+fingerprint

aadsm12.htm#44 Identity Theft More Often an Inside Job

aepay10.htm#60 First Data Unit Says It's Untangling Authentication

aadsm12.htm#50 Frist Data Unit Says It's Untangling Authentication

aadsm12.htm#51 Frist Data Unit Says It's Untangling Authentication

aepay10.htm#61 First Data Unit Says It's Untangling Authentication

2002p.html#22 Cirtificate Authorities 'CAs', how curruptable are they to

aadsm12.htm#52 First Data Unit Says It's Untangling Authentication

aadsm12.htm#54 TTPs & AADS Was: First Data Unit Says It's Untangling Authentication

aadsm12.htm#55 TTPs & AADS (part II)

aepay10.htm#62 VeriSign unveils new online identity verification services

aepay10.htm#65 eBay Customers Targetted by Credit Card Scam

2002p.html#50 Cirtificate Authorities 'CAs', how curruptable are they to

aepay10.htm#71 Invisible Ink, E-signatures slow to broadly catch on

aepay10.html#72 Invisible Ink, E-signatures slow to broadly catch on

aepay10.html#73 Invisible Ink, E-signatures slow to broadly catch on

aepay10.html#74 Invisible Ink, E-signatures slow to broadly catch on (addenda)

aepay11.htm#0 identity, fingerprint, from comp.risks

aepay11.htm#1 Sun releases Liberty-enabled software

aepay11.htm#2 Sun releases Liberty-enabled software

aepay11.htm#13 Microsoft Fixes Passport to Meet EU Privacy Rules

2003b.html#65 Storing digital IDs on token for use with Outlook

aepay11.htm#14 More Identity Theft ... Security Stands in Line Behind Other Priorities

aepay11.htm#27 Solving the problem of micropayments

aepay11.htm#28 Solving the problem of micropayments

aepay11.htm#31 Privacy again a hot-button issue for legistlators

aadsm14.htm#1 Who's afraid of Mallory Wolf?

aeapy11.htm#37 Who's afraid of Mallory Wolf?

aadsm14.htm#4 Who's afraid of Mallory Wolf?

aepay11.htm#40 ID theft costs banks $1 billion a year

aepay11.htm#49 A More Anonymous Internet

aepay11.htm#50 Concern Grows About ID Theft

aadsm14.htm#10 Microsoft Identity Server Prepped For Windows Server 2003

2003h.html#29 application of unique signature

aadsm14.htm#28 Maybe It's Snake Oil All the Way Down

aadsm14.htm#30 Maybe It's Snake Oil All the Way Down

aepay11.htm#53 Authentication white paper

aadsm14.htm#40 The real problem that https has conspicuously failed to fix

aadsm14.htm#41 certificates & the alternative view

aepay11.htm#61 HIPAA, privacy, identity theft

aepay11.htm#62 HIPAA, privacy, identity theft (addenda

aepay11.htm#66 Confusing Authentication and Identiification?

aepay11.htm#67 Confusing Authentication and Identiification?

aepay11.htm#72 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)

aepay11.htm#73 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)

aepay12.htm#0 Four Corner model. Was: Confusing Authentication and Identiification? (addenda)

aepay12.htm#2 Confusing business process, payment, authentication and identification

aepay12.htm#4 Confusing business process, payment, authentication and identification

aepay12.htm#5 Law aims to reduce identity theft

aadsm14.htm#49 replay & integrity

aadsm14.htm#54 Draft E-Authentication Policy for Federal Agencies

aepay12.htm#9 New privacy rules could mean headaches for financial services IT

aepay12.htm#10 Feds Want Banks to Warn of ID Theft

aadsm15.htm#2 Is cryptography where security took the wrong branch?

aadsm15.htm#6 x9.59

aepay12.htm#22 some X9.59 (and little FSTC) ... from crypto mailing list ... fyi

aadsm15.htm#21 Simple SSL/TLS - Some Questions

aadsm15.htm#40 FAQ: e-Signatures and Payments

2003o.html#12 Database design and confidential data protection

2003o.html#18 Database design and confidential data protection

2003p.html#17 Does OTP need authentication?

aadsm17.htm#1 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)

aadsm17.htm#2 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)

aadsm17.htm#4 Difference between TCPA-Hardware and a smart card (was: examp le: secure computing kernel needed)

2004b.html#25 Who is the most likely to use PK?

2004b.html#50 The SOB that helped IT jobs move to India is dead!

aadsm17.htm#12 A combined EMV and ID card

aadsm17.htm#13 A combined EMV and ID card

aadsm17.htm#18 PKI International Consortium

aadsm17.htm#20 PKI International Consortium

aadsm17.htm#21 Identity (was PKI International Consortium)

aadsm17.htm#23 PKI International Consortium

aadsm17.htm#24 Privacy, personally identifiable information, identity theft m

aadsm17.htm#25 Single Identity. Was: PKI International Consortium

2004e.html#9 Authentification classifications

aadsm17.htm#40 The future of security

aadsm17.htm#47 authentication and authorization ... addenda

aadsm17.htm#50 authentication and authorization (was: Question on the state of the security industry)

aadsm17.htm#51 authentication and authorization

aadsm17.htm#53 Using crypto against Phishing, Spoofing and Spamming

aadsm18.htm#6 dual-use digital signature vulnerability

2004i.html#4 New Method for Authenticated Public Key Exchange without Digital Certificates

2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates

2004i.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates

aadsm18.htm#22 [anonsec] Re: potential new IETF WG on anonymous IPSec

aadsm18.htm#27 EMV cards as identity cards

aadsm18.htm#28 x9.99 privacy note

aadsm18.htm#29 EMV cards as identity cards

aadsm18.htm#31 EMV cards as identity cards

aadsm18.htm#32 EMV cards as identity cards

aadsm18.htm#39 Financial identity is *dangerous*? (was re: Fake companies, real money)

2005.html#14 Using smart cards for signing and authorization in applets

2005i.html#4 Authentication - Server Challenge

aadsm19.htm#14 To live in interesting times - open Identity systems

2005i.html#34 The Worth of Verisign's Brand

2005i.html#36 Improving Authentication on the Internet

aadsm19.htm#17 What happened with the session fixation bug?

aadsm19.htm#35 de-identification

2005k.html#26 More on garbage

2005k.html#55 Encryption Everywhere? (Was: Re: Ho boy! Another big one!)

aadsm19.htm#38 massive data theft at MasterCard processor

aadsm19.htm#39 massive data theft at MasterCard processor

aadsm19.htm#40 massive data theft at MasterCard processor

aadsm19.htm#44 massive data theft at MasterCard processor

2005l.html#17 The Worth of Verisign's Brand

2005l.html#22 The Worth of Verisign's Brand

2005l.html#36 More Phishing scams, still no SSL being used

2005l.html#37 More Phishing scams, still no SSL being used

aadsm19.htm#45 payment system fraud, etc

aadsm19.htm#46 the limits of crypto and authentication

aadsm19.htm#47 the limits of crypto and authentication

aadsm19.htm#48 Why Blockbuster looks at your ID

aadsm19.htm#49 Why Blockbuster looks at your ID

aadsm20.htm#1 Keeping an eye on ATM fraud

aadsm20.htm#4 the limits of crypto and authentication

aadsm20.htm#5 the limits of crypto and authentication

aadsm20.htm#11 the limits of crypto and authentication

aadsm20.htm#17 the limits of crypto and authentication

aadsm20.htm#18 the limits of crypto and authentication

2005m.html#42 public key authentication

aadsm20.htm#20 ID "theft" -- so what?

2005m.html#53 Barcode Email

2005o.html#6 X509 digital certificate for offline solution

aadsm21.htm#2 Another entry in the internet security hall of shame

aadsm21.htm#3 Is there any future for smartcards?

aadsm21.htm#13 Contactless payments and the security challenges

aadsm21.htm#18 'Virtual Card' Offers Online Security Blanket

aadsm21.htm#19 mixing authentication and identification?

2005t.html#6 phishing web sites using self-signed certs

2005t.html#9 phishing web sites using self-signed certs

2005t.html#34 RSA SecurID product

2005t.html#52 PGP Lame question

2005u.html#1 PGP Lame question

2005u.html#3 PGP Lame question

2005u.html#8 PGP Lame question

aadsm21.htm#34 X.509 / PKI, PGP, and IBE Secure Email Technologies

aadsm21.htm#35 [Clips] Banks Seek Better Online-Security Tools

2005u.html#31 AMD to leave x86 behind?

2005u.html#33 PGP Lame question

aadsm21.htm#41 X.509 / PKI, PGP, and IBE Secure Email Technologies

2005v.html#2 ABN Tape - Found

2005v.html#3 ABN Tape - Found

aadsm22.htm#1 GP4.3 - Growth and Fraud - Case #3 - Phishing

aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing

aadsm22.htm#5 long-term GPG signing key

2006c.html#35 X.509 and ssh

2006d.html#25 Caller ID "spoofing"

2006d.html#26 Caller ID "spoofing"

2006d.html#31 Caller ID "spoofing"

2006d.html#37 transputers again was Re: The demise of Commodore

aadsm22.htm#20 FraudWatch - Chip&Pin, a new tenner (USD10)

aadsm22.htm#21 FraudWatch - Chip&Pin, a new tenner (USD10)

aadsm22.htm#22 FraudWatch - Chip&Pin, a new tenner (USD10)

aadsm22.htm#23 FraudWatch - Chip&Pin, a new tenner (USD10)

2006e.html#44 Does the Data Protection Act of 2005 Make Sense

aadsm22.htm#33 Meccano Trojans coming to a desktop near you

2006f.html#16 trusted repositories and trusted transactions

aadsm22.htm#39 FraudWatch - Chip&Pin, a new tenner (USD10)

aadsm22.htm#40 FraudWatch - Chip&Pin, a new tenner (USD10)

2006f.html#34 X.509 and ssh

2006f.html#35 X.509 and ssh

aadsm22.htm#45 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures

aadsm23.htm#1 RSA Adaptive Authentication

2006g.html#40 Why are smart cards so dumb?

aadsm23.htm#2 News and Views - Mozo, Elliptics, eBay + fraud, naïve use of TLS and/or tokens

2006h.html#26 Security

aadsm23.htm#9 PGP "master keys"

aadsm23.htm#11 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures

aadsm23.htm#12 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures

aadsm23.htm#15 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan

aadsm23.htm#19 Petrol firm suspends chip-and-pin

2006i.html#13 Multi-layered PKI implementation

aadsm23.htm#32 Chip-and-Pin terminals were replaced by "repairworkers"?

aadsm23.htm#34 Chip-and-Pin terminals were replaced by "repairworkers"?

2006k.html#4 Passwords for bank sites - change or not?

2006k.html#5 Value of an old IBM PS/2 CL57 SX Laptop

2006k.html#17 Hey! Keep Your Hands Out Of My Abstraction Layer!

2006k.html#19 Hey! Keep Your Hands Out Of My Abstraction Layer!

2006k.html#23 Value of an old IBM PS/2 CL57 SX Laptop

aadsm23.htm#49 Status of SRP

aadsm23.htm#51 Status of opportunistic encryption

aadsm23.htm#54 Status of SRP

aadsm23.htm#56 UK Detects Chip-And-PIN Security Flaw

aadsm24.htm#1 UK Detects Chip-And-PIN Security Flaw

aadsm24.htm#2 UK Banks Expected To Move To DDA EMV Cards

aadsm24.htm#5 New ISO standard aims to ensure the security of financial transactions on the Internet

aadsm24.htm#7 Naked Payments IV - let's all go naked

aadsm24.htm#8 Microsoft - will they bungle the security game?

2006m.html#15 OpenSSL Hacks

aadsm24.htm#10 Naked Payments IV - let's all go naked

aadsm24.htm#22 Naked Payments IV - let's all go naked

aadsm24.htm#23 Use of TPM chip for RNG?

aadsm24.htm#26 Naked Payments IV - let's all go naked

aadsm24.htm#27 DDA cards may address the UK Chip&Pin woes

aadsm24.htm#28 DDA cards may address the UK Chip&Pin woes

aadsm24.htm#29 DDA cards may address the UK Chip&Pin woes

aadsm24.htm#30 DDA cards may address the UK Chip&Pin woes

aadsm24.htm#31 DDA cards may address the UK Chip&Pin woes

aadsm24.htm#32 DDA cards may address the UK Chip&Pin woes

aadsm24.htm#38 Interesting bit of a quote

2006n.html#40 Identity Management Best Practices

aadsm24.htm#48 more on FBI plans new Net-tapping push

aadsm24.htm#52 Crypto to defend chip IP: snake oil or good idea?

2006o.html#16 Gen 2 EPC Protocol Approved as ISO 18000-6C

2006o.html#17 Gen 2 EPC Protocol Approved as ISO 18000-6C

aadsm25.htm#13 Sarbanes-Oxley is what you get when you don't do FC

2006o.html#35 the personal data theft pandemic continues

2006o.html#37 the personal data theft pandemic continues

2006o.html#40 the personal data theft pandemic continues

aadsm25.htm#16 Fraudwatch - Chip&PIN one-sided story, banks and deception and liability shifts

aadsm25.htm#18 Fraudwatch - Chip&PIN one-sided story, banks and deception and liability shifts

aadsm25.htm#20 Identity v. anonymity -- that is not the question

aadsm25.htm#21 Identity v. anonymity -- that is not the question

2006p.html#8 SSL, Apache 2 and RSA key sizes

aadsm25.htm#27 A note on vendor reaction speed to the e=3 problem

2006q.html#47 Smartcard reader with certificate inside the reader

aadsm25.htm#33 Mozilla moves on security

aadsm25.htm#38 How the Classical Scholars dropped security from the canon of Computer Science

aadsm25.htm#41 Why security training is really important (and it ain't anything to do with security!)

2006t.html#5 Are there more stupid people in IT than there used to be?

2006t.html#40 Encryption and authentication

2006u.html#43 New attacks on the financial PIN processing

aadsm26.htm#5 ATMs hacked using MP3 player

aadsm26.htm#6 Citibank e-mail looks phishy

2006v.html#2 New attacks on the financial PIN processing

aadsm26.htm#8 What is the point of encrypting information that is publicly visible?

2006v.html#13 Who has a Core Competency in Security?

2006v.html#26 Fighting Fraudulent Transactions

2006v.html#39 On sci.crypt: New attacks on the financial PIN processing

2006v.html#42 On sci.crypt: New attacks on the financial PIN processing

2006v.html#49 Patent buster for a method that increases password security

2006w.html#5 Patent buster for a method that increases password security

2006w.html#36 What does a patent do that copyright does not?

2006y.html#7 Securing financial transactions a high priority for 2007

2006y.html#25 "The Elements of Programming Style"

2007.html#0 Securing financial transactions a high priority for 2007

2007.html#17 SSL info

2007.html#28 Securing financial transactions a high priority for 2007

aadsm26.htm#18 SSL (https, really) accelerators for Linux/Apache?

2007.html#42 The logic of privacy

aadsm26.htm#20 Tamperproof, yet playing Tetris

2007b.html#12 Special characters in passwords was Re: RACF - Password rules

2007b.html#60 Securing financial transactions a high priority for 2007

2007b.html#61 Securing financial transactions a high priority for 2007

2007c.html#35 Securing financial transactions a high priority for 2007

2007c.html#36 Securing financial transactions a high priority for 2007

2007c.html#37 Securing financial transactions a high priority for 2007

2007c.html#43 Securing financial transactions a high priority for 2007

2007c.html#44 Securing financial transactions a high priority for 2007

2007c.html#46 Securing financial transactions a high priority for 2007

2007c.html#51 Securing financial transactions a high priority for 2007

aadsm26.htm#24 News.com: IBM donates new privacy tool to open-source Higgins

2007d.html#10 The logic of privacy

2007d.html#11 Securing financial transactions a high priority for 2007

2007d.html#12 One Time Identification, a request for comments/testing

aadsm26.htm#25 EV - what was the reason, again?

aadsm26.htm#27 man in the middle, SSL ... addenda

aadsm26.htm#29 News.com: IBM donates new privacy tool to open-source Higgins

aadsm26.htm#34 Failure of PKI in messaging

2007d.html#34 Mixed Case Password on z/OS 1.7 and ACF 2 Version 8

2007d.html#37 MAC and SSL

aadsm26.htm#36 New Credit Cards May Leak Personal Information

2007d.html#57 Which is the Fastest (Secure) Way to Exchange 256-bit Keys?

2007d.html#70 Securing financial transactions a high priority for 2007

2007e.html#12 Securing financial transactions a high priority for 2007

2007e.html#26 Securing financial transactions a high priority for 2007

2007e.html#61 Securing financial transactions a high priority for 2007

2007f.html#8 Securing financial transactions a high priority for 2007

2007f.html#31 Is that secure : <form action="https" from a local HTML page ?

2007f.html#75 Securing financial transactions a high priority for 2007

aadsm26.htm#42 "Dilemmas of Privacy and Surveillance" report launched

aadsm26.htm#43 Cost of an identity

2007g.html#15 T.J. Maxx data theft worse than first reported

2007g.html#19 T.J. Maxx data theft worse than first reported

aadsm26.htm#44 Governance of anonymous financial services

2007g.html#30 T.J. Maxx data theft worse than first reported

aadsm26.htm#48 Governance of anonymous financial services

aadsm26.htm#51 The One True Identity -- cracks being examined, filled, and rotted out from the inside

aadsm26.htm#55 The One True Identity -- cracks being examined, filled, and rotted out from the inside

2007h.html#22 sizeof() was`: The Perfect Computer - 36 bits?

2007h.html#27 sizeof() was: The Perfect Computer - 36 bits?

2007h.html#36 sizeof() was: The Perfect Computer - 36 bits?

2007h.html#37 sizeof() was: The Perfect Computer - 36 bits?

2007h.html#58 T.J. Maxx data theft worse than first reported

aadsm26.htm#61 crypto component services - is there a market?

2007h.html#63 T.J. Maxx data theft worse than first reported

2007i.html#17 John W. Backus, 82, Fortran developer, dies

2007i.html#23 John W. Backus, 82, Fortran developer, dies

2007i.html#55 John W. Backus, 82, Fortran developer, dies

2007i.html#64 John W. Backus, 82, Fortran developer, dies

2007i.html#65 John W. Backus, 82, Fortran developer, dies

2007i.html#66 John W. Backus, 82, Fortran developer, dies

2007i.html#74 public key password authentication

aadsm26.htm#66 More Tipping Point evidence - POS vendors sued

aadsm26.htm#70 WSJ: Soft evidence on a crypto-related breach

aadsm27.htm#0 H6.2 Most Standardised Security Protocols are Too Heavy

aadsm27.htm#1 H6.2 Most Standardised Security Protocols are Too Heavy

2007j.html#67 open source voting

2007k.html#53 My Dream PC -- Chip-Based

2007k.html#55 My Dream PC -- Chip-Based

aadsm27.htm#15 307 digit number factored

2007k.html#76 My Dream PC -- Chip-Based

2007l.html#8 John W. Backus, 82, Fortran developer, dies

2007l.html#16 John W. Backus, 82, Fortran developer, dies

2007l.html#35 My Dream PC -- Chip-Based

2007l.html#39 My Dream PC -- Chip-Based

2007l.html#41 My Dream PC -- Chip-Based

2007l.html#48 My Dream PC -- Chip-Based

aadsm27.htm#23 Identity resurges as a debate topic

2007l.html#70 nouns and adjectives

aadsm27.htm#26 A crazy thought?

aadsm27.htm#28 A crazy thought?

2007m.html#9 John W. Backus, 82, Fortran developer, dies

2007m.html#27 nouns and adjectives

2007m.html#31 nouns and adjectives

2007n.html#8 nouns and adjectives

2007n.html#9 John W. Backus, 82, Fortran developer, dies

aadsm27.htm#31 The bank fraud blame game

aadsm27.htm#32 The bank fraud blame game

aadsm27.htm#34 The bank fraud blame game

aadsm27.htm#35 The bank fraud blame game

aadsm27.htm#37 The bank fraud blame game

2007n.html#52 Windows Monitor or CUSP?

aadsm27.htm#50 If your CSO lacks an MBA, fire one of you

aadsm27.htm#51 Know Your Enemy: Scott McNeally on security theater

aadsm27.htm#52 more on firing your MBA-less CSO

2007n.html#85 PCI Compliance - Encryption of all non-console administrative access

2007o.html#0 The Unexpected Fact about the First Computer Programmer

aadsm27.htm#60 Retailers try to push data responsibilities back to banks

2007q.html#11 what does xp do when system is copying

2007q.html#34 what does xp do when system is copying

2007q.html#72 Value of SSL client certificates?

2007r.html#21 Is the media letting banks off the hook on payment card security

2007r.html#24 How to tell a fake SSL certificate from a real one

2007r.html#26 The new urgency to fix online privacy

2007r.html#29 The new urgency to fix online privacy

2007r.html#32 Is the media letting banks off the hook on payment card security

20074.html#34 Is the media letting banks off the hook on payment card security

2007r.html#54 The new urgency to fix online privacy

2007r.html#61 The new urgency to fix online privacy

2007r.html#63 Translation of IBM Basic Assembler to C?

2007r.html#66 The new urgency to fix online privacy

2007s.html#6 ATMs

2007s.html#16 The new urgency to fix online privacy

2007s.html#55 Translation of IBM Basic Assembler to C?

2007t.html#3 Translation of IBM Basic Assembler to C?

2007t.html#5 Translation of IBM Basic Assembler to C?

2007t.html#6 Translation of IBM Basic Assembler to C?

2007t.html#28 'Man in the browser' is new threat to online banking

2007t.html#61 Crypto Related Posts

2007u.html#10 Crypto Related Posts

2007u.html#67 folklore indeed

2007u.html#76 folklore indeed

2007v.html#60 Credit Card Details

2007v.html#70 folklore indeed

2007v.html#74 folklore indeed

aadsm28.htm#1 2008: The year of hack the vote?

2007v.html#77 folklore indeed

2007v.html#79 folklore indeed

2007v.html#85 folklore indeed

2007v.html#86 folklore indeed

2007v.html#87 Data Breaches Soar In 2007

2007v.html#93 folklore indeed

2007v.html#94 folklore indeed

2008.html#7 folklore indeed

2008.html#8 folklore indeed

2008.html#9 folklore indeed

aadsm28.htm#5 Why Security Modelling doesn't work -- the OODA loop of today's battle

2008.html#67 File Transfer conundrum

aadsm28.htm#19 Lack of fraud reporting paths considered harmful

2008c.html#47 Data Erasure Products

aadsm28.htm#24 Fixing SSL (was Re: Dutch Transport Card Broken)

aadsm28.htm#26 Fixing SSL (was Re: Dutch Transport Card Broken)

2008c.html#89 Toyota Sales for 2007 May Surpass GM

2008c.html#90 Toyota Sales for 2007 May Surpass GM

2008d.html#3 Govt demands password to personal computer

2008d.html#88 The hands-free way to steal a credit card

aadsm28.htm#37 Attack on Brit retail payments -- some takeways

2008e.html#56 Any benefit to programming a RISC processor by hand?

2008e.html#66 independent appraisers

2008e.html#76 independent appraisers

aadsm28.htm#41 Trojan with Everything, To Go!

aadsm28.htm#42 Trojan with Everything, To Go!

2008f.html#44 Realistic dynamics of contactless

2008g.html#8 Hannaford case exposes holes in law, some say

2008g.html#17 Hannaford breach illustrates dangerous compliance mentality

2008g.html#27 Hannaford case exposes holes in law, some say

2008g.html#28 Hannaford case exposes holes in law, some say

2008h.html#4 You won't guess who's the bad guy of ID theft

aadsm28.htm#59 Information Security Vs. Businesss Resilience

aadsm28.htm#64 Seeking expert on credit card fraud prevention - particularly CNP/online transactions

aadsm28.htm#72 What are the current INNOVATIVE ICT Security Services, that are in demand or highly marketable at the moment

aadsm28.htm#75 Fun with Data Theft/Breach Numbers

2008h.html#86 What mode of payment you could think of with the advent of time?

2008i.html#24 Credit Card Fraud

2008i.html#42 "Security Breaches"

2008i.html#55 Is data classification the right approach to pursue a risk based information security program?

2008i.html#61 Could you please name sources of information you trust on RFID and/or other Wireless technologies?

2008i.html#70 Next Generation Security

2008i.html#83 Certificate Purpose

2008j.html#34 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)

2008j.html#43 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)

2008j.html#45 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)

2008j.html#55 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)

2008k.html#40 Calling Out

2008l.html#31 Authentication in the e-tailer / payment gateway / customer triangle

2008l.html#33 Authentication in the e-tailer / payment gateway / customer triangle

2008l.html#52 Payments Security in RFS

2008l.html#52 Quality of IBM school clock systems?

2008l.html#89 Fraud due to stupid failure to test for negative

2008m.html#0 Fraud due to stupid failure to test for negative

2008m.html#55 With all the highly publicised data breeches and losses, are we all wasting our time?

2008m.html#56 With all the highly publicised data breeches and losses, are we all wasting our time?

2008m.html#66 With all the highly publicised data breeches and losses, are we all wasting our time?

2008m.html#70 Why SSNs Are Not Appropriate for Authentication and when, where and why should you offer/use it?

2008m.html#71 TJ Maxx - why are they still in business?

2008m.html#72 What are security areas to be addressed before starting an e-commerce transaction or setting up a portal?

2008n.html#45 In your experience which is a superior debit card scheme - PIN based debit or signature debit?

2008n.html#46 Mobile Payment/All-in-One Card

2008n.html#48 In your experience which is a superior debit card scheme - PIN based debit or signature debit?

2008n.html#54 In your experience which is a superior debit card scheme - PIN based debit or signature debit?

2008n.html#55 In your experience which is a superior debit card scheme - PIN based debit or signature debit?

2008n.html#59 In your experience which is a superior debit card scheme - PIN based debit or signature debit?

2008n.html#75 Should online transactions be allowed on credit cards without adequate safeguards?

2008n.html#90 Credit Card Security

2008o.html#2 Credit Card Security

2008o.html#13 What risk of possible data leakage do you see for your organization?

2008o.html#16 Is Information Security driven by compliance??

2008o.html#17 what will be a wow feature in a credit card

2008o.html#22 What risk of possible data leakage do you see for your organization?

2008o.html#47 Will cards with PayPass (from MasterCard) be using CHIP & PIN in the future?

2008o.html#60 Biometric Credit cards

2008o.html#70 What happened in security over the last 10 years?

2008o.html#76 Blinkenlights

2008p.html#2 Keeping private information private

2008p.html#5 Privacy, Identity theft, account fraud

2008p.html#7 Dealing with the neew MA ID protection law

2008p.html#10 Strings story

2008p.html#11 Can Smart Cards Reduce Payments Fraud and Identity Theft?

2008p.html#14 Can Smart Cards Reduce Payments Fraud and Identity Theft?

2008p.html#15 Can Smart Cards Reduce Payments Fraud and Identity Theft?

2008p.html#18 Can Smart Cards Reduce Payments Fraud and Identity Theft?

2008p.html#19 Can Smart Cards Reduce Payments Fraud and Identity Theft?

2008p.html#21 Would you say high tech authentication gizmo's are a waste of time/money/effort?

2008p.html#22 Can Smart Cards Reduce Payments Fraud and Identity Theft?

2008p.html#23 Your views on the increase in phishing crimes such as the recent problem French president Sarkozy faces

2008p.html#28 Can Smart Cards Reduce Payments Fraud and Identity Theft?

2008p.html#38 How do group members think the US payments business will evolve over the next 3 years?

2008p.html#44 Can Smart Cards Reduce Payments Fraud and Identity Theft?

2008p.html#46 Would you say high tech authentication gizmo's are a waste of time/money/effort?

2008p.html#55 Can Smart Cards Reduce Payments Fraud and Identity Theft?

2008p.html#67 Web Security hasn't moved since 1995

2008p.html#74 2008 Data Breaches: 30 Million and Counting

2008q.html#0 GPG

top , by subject : technology , networking , public key , integrity , Boyd - home

Misc. Relying Party Certificates

aadsmail.htm#perform AADS & X9.59 performance and algorithm key sizes

aadsmore.htm#hcrl3 Huge CRLs

aadsmore.htm#vpki valid PKIs

aadsmore.htm#killer0 Killer PKI Applications

aadsmore.htm#scanon Smartcard anonymity patents

aadsmore.htm#pressign President Clinton digital signing

aadsmore.htm#client3 Client-side revocation checking capability

aadsmore.htm#client4 Client-side revocation checking capability

aadsm2.htm#scale Scale (and the SRV record)

aadsm2.htm#inetpki A PKI for the Internet (was RE: Scale (and the SRV

aadsm2.htm#integrity Scale (and the SRV record)

aadsm2.htm#account A different architecture? (was Re: certificate path

aadsm2.htm#privacy Identification and Privacy are not Antinomies

aadsm2.htm#mauthauth Human Nature

aadsm2.htm#stall EU digital signature initiative stalled

aadsm2.htm#techno digital signatures, technology experiments, and service operations

aadsm3.htm#cstech6 cardtech/securetech & CA PKI

aadsm3.htm#kiss1 KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))

aadsm3.htm#kiss4 KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))

aadsm3.htm#kiss5 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))

aadsm4.htm#4 Public Key Infrastructure: An Artifact...

aadsm4.htm#6 Public Key Infrastructure: An Artifact...

aadsm4.htm#7 Public Key Infrastructure: An Artifact...

aadsm4.htm#9 Thin PKI won - You lost

aadsm5.htm#x959 X9.59 Electronic Payment Standard

aadsm5.htm#shock revised Shocking Truth about Digital Signatures

aadsm5.htm#shock2 revised Shocking Truth about Digital Signatures

aadsm5.htm#liex509 Lie in X.BlaBla...

aadsm5.htm#pkimort PKI: Evolve or Die

aadsm5.htm#spki Simple PKI

aadsm5.htm#spki2 Simple PKI

aadsm5.htm#spki3 Simple PKI

aadsm5.htm#spki4 Simple PKI

aadsm6.htm#echeck Electronic Checks

aadsm7.htm#pcards4 The end of P-Cards?

aadsm7.htm#rhose10 when a fraud is a sale, Re: Rubber hose attack

aadsm7.htm#rhose11 when a fraud is a sale, Re: Rubber hose attack

aadsm8.htm#softpki4 Software for PKI

aadsm8.htm#softpki8 Software for PKI

aadsm8.htm#softpki9 Software for PKI

aadsm8.htm#softpki11 Software for PKI

aadsm8.htm#softpki19 DNSSEC (RE: Software for PKI)

aadsm9.htm#softpki23 Software for PKI

aadsm9.htm#carnivore Shades of FV's Nathaniel Borenstein: Carnivore's "Magic Lantern"

aadsm9.htm#pkcs12d A PKI Question: PKCS11-> PKCS12

aadsm9.htm#cfppki CFP: PKI research workshop

aadsm9.htm#cfppki4 CFP: PKI research workshop

aadsm9.htm#cfppki5 CFP: PKI research workshop

aadsm9.htm#cfppki8 CFP: PKI research workshop

aadsm9.htm#cfppki9 CFP: PKI research workshop

aepay2.htm#fed Federal CP model and financial transactions

aepay2.htm#cadis disaster recovery cross-posting

aepay3.htm#votec (my) long winded observations regarding X9.59 & XML, encryption and certificates

aepay3.htm#openclose open CADS and closed AADS

aepay3.htm#aadsrel1 AADS related information

aepay3.htm#aadsrel2 AADS related information ... summary

aepay3.htm#x959discus X9.59 discussions at X9A & X9F

aepay4.htm#comcert11 Merchant Comfort Certificates

aepay6.htm#dsdebate Digital Signatures Spark Debate

aepay6.htm#crlwork do CRL's actually work?

aepay6.htm#dspki2 use of digital signatures and PKI

aepay6.htm#dspki3 use of digital signatures and PKI (addenda)

aepay6.htm#dspki4 use of digital signatures and PKI (addenda)

aepay6.htm#userauth2 MS masters NC mind-set (authentication is the key)

aadsm11.htm#8 Meaning of Non-repudiation

aadsm11.htm#9 Meaning of Non-repudiation

aadsm11.htm#11 Meaning of Non-repudiation

aadsm11.htm#18 IBM alternative to PKI?

aadsm11.htm#19 IBM alternative to PKI?

aadsm11.htm#21 IBM alternative to PKI?

aadsm11.htm#25 Proxy PKI. Was: IBM alternative to PKI?

aadsm11.htm#39 ALARMED ... Only Mostly Dead ... RIP PKI .. addenda

aadsm11.htm#40 ALARMED ... Only Mostly Dead ... RIP PKI ... part II

aadsm12.htm#6 NEWS: 3D-Secure and Passport

aepay10.htm#31 some certification & authentication landscape summary from recent threads

aepay10.htm#35 some certification & authentication landscape summary from recent threads

aepay10.htm#37 landscape & p-cards

98.html#41 AADS, X9.59, & privacy

99.html#226 Attacks on a PKI

99.html#228 Attacks on a PKI

2000.html#36 "Trusted" CA - Oxymoron?

2000.html#40 "Trusted" CA - Oxymoron?

2000.html#41 "Trusted" CA - Oxymoron?

2000.html#57 RealNames hacked. Firewall issues.

2000b.html#40 general questions on SSL certificates

2000b.html#93 Question regarding authentication implementation

2000e.html#41 Why trust root CAs ?

2000f.html#15 Why trust root CAs ?

2000f.html#72 SET; was Re: Why trust root CAs ?

2001c.html#56 PKI and Non-repudiation practicalities

2001c.html#57 PKI and Non-repudiation practicalities

2001c.html#58 PKI and Non-repudiation practicalities

2001c.html#60 PKI and Non-repudiation practicalities

2001c.html#72 PKI and Non-repudiation practicalities

2001c.html#73 PKI and Non-repudiation practicalities

2001c.html#79 Q: ANSI X9.68 certificate format standard

2001d.html#7 Invalid certificate on 'security' site.

2001d.html#20 What is PKI?

2001e.html#35 Can I create my own SSL key?

2001e.html#46 Can I create my own SSL key?

2001f.html#77 FREE X.509 Certificates

2001f.html#79 FREE X.509 Certificates

2001g.html#21 Root certificates

2001g.html#40 Self-Signed Certificate

2001g.html#64 PKI/Digital signature doesn't work

2001g.html#65 PKI/Digital signature doesn't work

2001g.html#68 PKI/Digital signature doesn't work

2001h.html#0 PKI/Digital signature doesn't work

2001h.html#3 PKI/Digital signature doesn't work

2001h.html#7 PKI/Digital signature doesn't work

2001i.html#16 Net banking, is it safe???

2001k.html#0 Are client certificates really secure?

2001n.html#57 Certificate Authentication Issues in IE and Verisign

2001n.html#73 A PKI question and an answer

2002b.html#25 Question about root CA authorities

2002d.html#39 PKI Implementation

2002e.html#49 PKI and Relying Parties

2002e.html#52 PKI and Relying Parties

2002e.html#56 PKI and Relying Parties

2002e.html#72 Digital certificate varification

2002f.html#57 IBM competes with Sun w/new Chips

2002g.html#32 Secure Device Drivers

aadsm12.htm#27 Employee Certificates - Security Issues

aadsm12.htm#28 Employee Certificates - Security Issues

aadsm12.htm#29 Employee Certificates - Security Issues

2002i.html#72 A Lesson In Security

2002k.html#57 History of AOL

2002l.html#71 Faster seeks (was Re: Do any architectures use instruction

2002m.html#17 A new e-commerce security proposal

2002m.html#20 A new e-commerce security proposal

2002m.html#36 (OT) acceptance of technology, was: Convenient and secure

2002m.html#55 Beware, Intel to embed digital certificates in Banias

2002n.html#8 Tweaking old computers?

2002n.html#13 Help! Good protocol for national ID card?

2002n.html#30 Help! Good protocol for national ID card?

2002n.html#44 public-key cryptography impossible?

2002o.html#57 Certificate Authority: Industry vs. Government

2002o.html#67 smartcard+fingerprint

aadsm12.htm#32 Employee Certificates - Security Issues

aadsm12.htm#39 Identification = Payment Transaction?

aadsm12.htm#41 I-D ACTION:draft-ietf-pkix-sim-00.txt

aadsm12.htm#42 draft-ietf-pkix-warranty-extn-01.txt

aadsm12.htm#43 draft-ietf-pkix-warranty-extn-01.txt

aadsm12.htm#45 draft-ietf-pkix-warranty-extn-01.txt

aadsm12.htm#48 draft-ietf-pkix-warranty-extn-01.txt

aadsm12.htm#49 draft-ietf-pkix-warranty-extn-01.txt

aadsm12.htm#52 First Data Unit Says It's Untangling Authentication

aadsm12.htm#53 TTPs & AADS Was: First Data Unit Says It's Untangling Authentication

aadsm12.htm#54 TTPs & AADS Was: First Data Unit Says It's Untangling Authentication

2002p.html#21 Cirtificate Authorities 'CAs', how curruptable are they to

aadsm14.htm#20 Payments as an answer to spam (addenda)

2003i.html#1 Two-factor authentication with SSH?

aepay11.htm#68 Confusing Authentication and Identiification?

aepay11.htm#71 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)

aadsm14.htm#48 basic question: semantics of "map", "tie", etc in PKI

2003k.html#66 Digital signature and Digital Certificate

2003l.html#33 RSA vs AES

2003m.html#49 public key vs passwd authentication?

aadsm15.htm#33 VS: On-line signature standards

2003p.html#17 Does OTP need authentication?

aadsm16.htm#16 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before

aadsm16.htm#21 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before

aadsm17.htm#9 Setting X.509 Policy Data in IE, IIS, Outlook

2004b.html#25 Who is the most likely to use PK?

aadsm17.htm#12 A combined EMV and ID card

2004d.html#7 Digital Signature Standards

aadsm17.htm#16 PKI International Consortium

aadsm17.htm#18 PKI International Consortium

aadsm17.htm#19 PKI International Consortium

aadsm17.htm#23 PKI International Consortium

aadsm17.htm#26 privacy, authentication, identification, authorization

aadsm17.htm#27 Re:Identity Firewall. l PKI International Consortium

2004e.html#20 Soft signatures

aadsm17.htm#34 The future of security

2004f.html#13 racf

2004g.html#5 Adding Certificates

aadsm17.htm#41 Yahoo releases internet standard draft for using DNS as public key server

aadsm17.htm#53 Using crypto against Phishing, Spoofing and Spamming

2004h.html#13 Two-factor Authentication Options?

2004h.html#14 Two-factor Authentication Options?

aadsm18.htm#5 Using crypto against Phishing, Spoofing and Spamming

aadsm18.htm#7 Using crypto against Phishing, Spoofing and Spamming

2004j.html#7 New Method for Authenticated Public Key Exchange without Digital Certificates

2004j.html#8 New Method for Authenticated Public Key Exchange without Digita Certificates

aadsm18.htm#27 EMV cards as identity cards

aadsm18.htm#29 EMV cards as identity cards

aadsm18.htm#31 EMV cards as identity cards

2004m.html#4 REVIEW: "Biometrics for Network Security", Paul Reid

2004m.html#23 Help! I'm trying to understand PKI - especially CA's role

2005c.html#52 A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)

aadsm18.htm#55 MD5 collision in X509 certificates

2005e.html#22 PKI: the end

2005e.html#38 xml-security vs. native security

2005e.html#45 TLS-certificates and interoperability-issues sendmail/Exchange/postfix

aadsm19.htm#8 GeoTrust says existing PKI practices are worthless

2005f.html#62 single-signon with X.509 certificates

2005g.html#45 Maximum RAM and ROM for smartcards

2005h.html#25 couple more Q's on basic public key encryption techniques

2005h.html#27 How do you get the chain of certificates & public keys securely

aadsm19.htm#11 EuroPKI 2005 - Call for Participation

2005i.html#4 Authentication - Server Challenge

2005i.html#7 Improving Authentication on the Internet

aadsm19.htm#33 Digital signatures have a big problem with meaning

aadsm19.htm#40 massive data theft at MasterCard processor

2005k.html#60 The Worth of Verisign's Brand

2005l.html#7 Signing and bundling data using certificates

2005l.html#12 The Worth of Verisign's Brand

2005l.html#25 PKI Crypto and VSAM RLS

2005l.html#29 Importing CA certificate to smartcard

2005l.html#33 More Phishing scams, still no SSL being used

2005l.html#35 More Phishing scams, still no SSL being used

aadsm19.htm#45 payment system fraud, etc

aadsm20.htm#0 the limits of crypto and authentication

aadsm20.htm#5 the limits of crypto and authentication

2005m.html#15 Course 2821; how this will help for CISSP exam ?

aadsm20.htm#11 the limits of crypto and authentication

2005n.html#33 X509 digital certificate for offline solution

2005n.html#39 Uploading to Asimov

2005n.html#51 IPSEC and user vs machine authentication

2005o.html#2 X509 digital certificate for offline solution

aadsm20.htm#32 How many wrongs do you need to make a right?

2005o.html#31 Is symmetric key distribution equivalent to symmetric key generation?

2005o.html#41 Certificate Authority of a secured P2P network

aadsm20.htm#38 Another entry in the internet security hall of shame

aadsm20.htm#39 Another entry in the internet security hall of shame

aadsm20.htm#40 Another entry in the internet security hall of shame

aadsm20.htm#42 Another entry in the internet security hall of shame

aadsm21.htm#2 Another entry in the internet security hall of shame

2005q.html#13 IPSEC with non-domain Server

2005q.html#23 Logon with Digital Siganture (PKI/OCES - or what else they're called)

2005r.html#54 NEW USA FFIES Guidance

2005s.html#43 P2P Authentication

2005s.html#52 TTP and KCM

2005t.html#6 phishing web sites using self-signed certs

2005t.html#32 RSA SecurID product

2005t.html#52 PGP Lame question

2005u.html#19 Identity and Access Management (IAM)

aadsm22.htm#3 GP4.3 - Growth and Fraud - Case #3 - Phishing

2006b.html#37 X.509 and ssh

2006c.html#34 X.509 and ssh

2006e.html#8 Beginner's Pubkey Crypto Question

2006f.html#15 trusted certificates and trusted repositories

2006f.html#16 trusted repositories and trusted transactions

2006f.html#29 X.509 and ssh

2006f.html#31 X.509 and ssh

aadsm23.htm#14 Shifting the Burden - legal tactics from the contracts world

2006i.html#13 Multi-layered PKI implementation

2006i.html#13 Multi-layered PKI implementation

aadsm23.htm#29 JIBC April 2006 - "Security Revisionism"

aadsm23.htm#51 Status of opportunistic encryption

aadsm25.htm#20 Identity v. anonymity -- that is not the question

aadsm25.htm#32 On-card displays

aadsm25.htm#46 Flaw exploited in RFID-enabled passports

2006v.html#49 Patent buster for a method that increases password security

2006y.html#13 Your data private? Access all areas is on the cards

2007.html#15 SSL info

2007.html#17 SSL info

2007.html#34 SSL info

2007b.html#61 Securing financial transactions a high priority for 2007

aadsm26.htm#24 News.com: IBM donates new privacy tool to open-source Higgins

2007d.html#10 The logic of privacy

aadsm26.htm#27 man in the middle, SSL ... addenda

2007h.html#20 sizeof() was: The Perfect Computer - 36 bits?

aadsm26.htm#61 crypto component services - is there a market?

2007k.html#79 John W. Backus, 82, Fortran developer, dies

2007l.html#9 John W. Backus, 82, Fortran developer, dies

aadsm27.htm#23 Identity resurges as a debate topic

aadsm27.htm#26 A crazy thought?

aadsm27.htm#35 The bank fraud blame game

2007n.html#46 Windows Monitor or CUSP?

2007n.html#63 Poll: oldest computer thing you still use

aadsm27.htm#51 Know Your Enemy: Scott McNeally on security theater

aadsm27.htm#52 more on firing your MBA-less CSO

2007q.html#5 Windows Live vs Kerberos

2007q.html#24 what does xp do when system is copying

2007q.html#72 Value of SSL client certificates?

2007r.html#26 The new urgency to fix online privacy

2007s.html#51 Translation of IBM Basic Assembler to C?

aadsm28.htm#20 Fixing SSL (was Re: Dutch Transport Card Broken)

aadsm28.htm#48 World's biggest PKI goes open source: DogTag is released

2008i.html#93 Certificate Purpose

top , by subject : technology , networking , public key , integrity , Boyd - home

Kerberos and/or pk-init

aadsm2.htm#pkikrb PKI/KRB

aadsm3.htm#cstech cardtech/securetech & CA PKI

aadsm3.htm#cstech2 cardtech/securetech & CA PKI

aepay10.htm#31 some certification & authentication landscape summary from recent threads

aepay10.htm#32 some certification & authentication landscape summary from recent threads

aepay10.htm#33 pk-init draft (not yet a RFC)

aepay10.htm#39 Microsoft Trustbridge ... Kerberos (tickets) support

aepay10.htm#65 eBay Customers Targetted by Credit Card Scam

aepay10.htm#66 eBay Customers Targetted by Credit Card Scam

aadsm11.htm#39 ALARMED ... Only Mostly Dead ... RIP PKI .. addenda

aadsm11.htm#40 ALARMED ... Only Mostly Dead ... RIP PKI ... part II

aadsm12.htm#4 NEWS: 3D-Secure and Passport

aadsm12.htm#5 NEWS: 3D-Secure and Passport

aadsm12.htm#51 Frist Data Unit Says It's Untangling Authentication

aadsm12.htm#66 Subpoena Sidelines PKI Project

aepay11.htm#1 Sun releases Liberty-enabled software

2001d.html#46 anyone have digital certificates sample code

2001e.html#56 Need explaination of PKI and Kerberos

2001k.html#10 HP-UX will not be ported to Alpha (no surprise)exit

2002i.html#54 Unisys A11 worth keeping?

2002j.html#40 Beginner question on Security

2002j.html#60 How to map a user account to a digital cert?

2002l.html#3 why is Kerberos better than this simpler replacement

2002l.html#4 why is Kerberos better than this simpler replacement

2002l.html#39 Moore law

2002l.html#62 Itanium2 performance data from SGI

2002o.html#40 I found the Olsen Quote

2002o.html#42 use of RADIUS

2002p.html#22 Cirtificate Authorities 'CAs', how curruptable are they to

2002p.html#52 Cirtificate Authorities 'CAs', how curruptable are they to

2002q.html#17 Difference between AAA and Radius?

2003.html#46 Horror stories: high system call overhead

2003.html#50 Origin of Kerberos

2003b.html#49 Authentication w/o user ids and passwords

2003b.html#65 Storing digital IDs on token for use with Outlook

aadsm13.htm#16 A challenge

aadsm13.htm#38 The case against directories

aadsm14.htm#6 The case against directories

2003h.html#55 PKINIT

2003j.html#25 Idea for secure login

aepay11.htm#70 Confusing Authentication and Identiification? (addenda)

2003n.html#16 log on windows xp with smartcard

2003n.html#35 ftp authentication via smartcard

aadsm16.htm#19 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before

aadsm16.htm#24 Ousourced Trust (was Re: Difference between TCPA