Collected Postings

2013- Collected Postings, 2011-2012 Collected Postings, 2009-2010 Collected Postings, 2007-2008 Collected Postings, 2005-2006 Collected Postings, 2003-2004 Collected Postings, 2001-2002 Collected Postings, 1993-2000 Collected Postings, Internet History Postings, Old EMAIL Index

Payment Gateway moved to: subnetwork.html#gateway
Client and Radius Authentication
SSL Domain Name Server Certificates
X9.59, Identity, Authentication, and Privacy
Misc. Relying Party Certificates
Kerberos and/or pk-init
certificate-less operation
Coining the term certificate manufacturing to differentiate from PKI
Electronic Signature legislation, human signature, intent
Discussion of real-time public key distribution with DNS
Digital Certificate Payload Bloat
--
Old Public Key email from 1981

Client and Radius Authentication

aadsm2.htm#inetpki A PKI for the Internet (was RE: Scale (and the SRV
aadsm2.htm#account A different architecture? (was Re: certificate path
aadsm2.htm#straw AADS Strawman
aadsm2.htm#keyl4 On leaving the 56-bit key length limitation
aadsm2.htm#pkikrb PKI/KRB
aepay2.htm#privrule3 U.S. firms gird for privacy rules
aepay4.htm#comcert6 Merchant Comfort Certificates
aepay4.htm#comcert7 Merchant Comfort Certificates
aepay4.htm#rfc2807b RFC 2807 published today XML Signature Requirements
aepay4.htm#rfc2807c RFC 2807 published today XML Signature Requirements
ansiepay.htm#x959demo X9.59/AADS demos operational
99.html#216 Ask about Certification-less Public Key
99.html#217 AADS/X9.59 demo & standards at BAI (world-wide retail banking) show
99.html#224 X9.59/AADS announcement at BAI this week
99.html#229 Digital Signature on SmartCards
99.html#230 Radius Help help!!!
99.html#235 Attacks on a PKI
2000.html#33 SmartCard with ECC crypto
2000.html#47 TLS: What is the purpose of the client certificate request?
2000.html#57 RealNames hacked. Firewall issues
2000b.html#90 Question regarding authentication implementation
2000b.html#92 Question regarding authentication implementation
2000c.html#2 Financial Stnadards Work group?
2001c.html#8 Server authentication
2001c.html#9 Server authentication
2001c.html#34 PKI and Non-repudiation practicalities
2001d.html#20 What is PKI?
2001d.html#21 What is PKI?
2001d.html#46 anyone have digital certificates sample code
aepay6.htm#userauth MS masters NC mind-set (authentication is the key)
2001g.html#1 distributed authentication
2001g.html#3 distributed authentication
2001g.html#26 distributed authentication
aadsm6.htm#nonreput Sender and receiver non-repudiation
aadsm6.htm#nonreput2 Sender and receiver non-repudiation
aepay7.htm#ssexploitShared-Secret exploit
2001h.html#74 Net banking, is it safe???
2001i.html#9 Net banking, is it safe???
2001j.html#49 Are client certificates really secure?
2001k.html#59 intranet security and user authentication questions
aadsm7.htm#auth Who or what to authenticate?
2001k.html#63 how to start write a Firewall authentication client software
aadsm7.htm#auth2 Who or what to authenticate?
aadsm7.htm#idcard AGAINST ID CARDS
aadsm7.htm#idcard2 AGAINST ID CARDS
aadsm9.htm#cfppki5 CFP: PKI research workshop
2002e.html#52 PKI and Relying Parties
2002l.html#3 why is Kerberos better than this simpler replacement
2002l.html#4 why is Kerberos better than this simpler replacement
2002o.html#42 use of RADIUS
2003.html#50 Origin of Kerberos
2003d.html#42 Authentification vs Encryption in a system to system interface
aadsm13.htm#30 How effective is open source crypto? (aads addenda)
2003e.html#57 Security in RADIUS (RFC2865)
2003e.html#58 Security in RADIUS (RFC2865)
2003g.html#70 Simple resource protection with public keys
2003h.html#13 Authentication protocol
2003h.html#18 Authentication protocol
aadsm14.htm#27 Maybe It's Snake Oil All the Way Down
2003j.html#25 Idea for secure login
aepay11.htm#70 Confusing Authentication and Identiification? (addenda)
2003m.html#1 Password / access rights check
2003m.html#50 public key vs passwd authentication?
2004h.html#21 Basics of key authentication
2005d.html#18 Digital signature with Javascript
2005g.html#48 "Best practices" or "Best implementations"?
2005g.html#49 "Best practices" or "Best implementations"?
2005i.html#2 Certificate Services
2005i.html#3 General PKI Question
2005i.html#4 Authentication - Server Challenge
2005i.html#23 The Worth of Verisign's Brand
2005i.html#27 REPOST: Authentication, Authorization TO Firewall
2005i.html#36 Improving Authentication on the Internet
2005j.html#18 Repository for digital certificates
aadsm19.htm#43 massive data theft at MasterCard processor
2005.html#5 Globus/GSI versus Kerberos
2005m.html#15 Course 2821; how this will help for CISSP exam ?
2005m.html#37 public key authentication
2005n.html#43 X509 digital certificate for offline solution
2005n.html#51 IPSEC and user vs machine authentication
2005o.html#9 Need a HOW TO create a client certificate for partner access
aadsm20.htm#37 Another entry in the internet security hall of shame
aadsm20.htm#38 Another entry in the internet security hall of shame
aadsm21.htm#4 Another entry in the internet security hall of shame
aadsm21.htm#7 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)
aadsm21.htm#8 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)
2005p.html#33 Digital Singatures question
2005p.html#35 PKI
2005p.html#40 how password is stored and check the authentication??
2005q.html#1 Effective micropayments
2005q.html#13 IPSEC with non-domain Server
2005q.html#23 Logon with Digital Siganture (PKI/OCES - or what else they're called)
2005q.html#29 IPSEC wireless router ?
2005s.html#24 What ever happened to Tandem and NonStop OS ?
2006c.html#35 X.509 and ssh
2006i.html#13 Multi-layered PKI implementation
2006i.html#25 Benefits of PKI - 5,000 nodes organization
aadsm23.htm#52 Status of opportunistic encryption
aadsm23.htm#56 UK Detects Chip-And-PIN Security Flaw
aadsm24.htm#8 Microsoft - will they bungle the security game?
2006u.html#4 ssh - password control or key control?
2006v.html#49 Patent buster for a method that increases password security
2007.html#15 SSL info
2007f.html#60 Certificates
2007u.html#51 folklore indeed
2007u.html#76 folklore indeed
aadsm28.htm#20 Fixing SSL (was Re: Dutch Transport Card Broken)
aadsm28.htm#31 Fixing SSL (was Re: Dutch Transport Card Broken)
2008j.html#45 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008k.html#40 Calling Out
2008k.html#51 The PKC-only application security model
2008l.html#31 Authentication in the e-tailer / payment gateway / customer triangle
2008n.html#70 Could you please tell me about RADIUS authentication and how it works?
2008p.html#23 Your views on the increase in phishing crimes such as the recent problem French president Sarkozy faces
2008r.html#48 Dilbert is non-fiction
2009b.html#65 What can agencies such as the SEC do to insure us that something like Madoff's Ponzi scheme will never happen again?
2009g.html#62 Solving password problems one at a time, Re: The password-reset paradox
2009g.html#75 Radius Server Or AAA Server
2009k.html#72 Client Certificate UI for Chrome?
2009l.html#6 Cyber attackers empty business accounts in minutes
2009m.html#22 PCI SSC Seeks standard for End to End Encryption?
2010f.html#3 Why is Kerberos ever used, rather than modern public key cryptography?
2010l.html#63 A mighty fortress is our PKI, Part II
2012b.html#36 RFC6507 Ellipitc Curve-Based Certificateless Signatures
2012b.html#71 Password shortcomings
2012j.html#54 Yahoo Password Breach: 7 Lessons Learned - Security - Attacks/breaches - Informationweek
2012j.html#61 The Myth of Password Complexity & Frequent Change Rules
2012j.html#62 The Myth of Password Complexity & Frequent Change Rules
2014g.html#37 Special characters for Passwords

top, by subject: technology, networking, public key, integrity, Boyd - home


SSL Domain Name Server Certificates

aadsm2.htm#inetpki A PKI for the Internet (was RE: Scale (and the SRV
aadsm2.htm#integrity Scale (and the SRV record)
aadsm3.htm#kiss1KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss2 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp-00.txt))
aadsm3.htm#kiss3KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss4KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss5 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss6KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss7KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss8KISS for PKIX
aadsm3.htm#kiss9KISS for PKIX .... password/digital signature
aadsm3.htm#kiss10KISS for PKIX. (authentication/authorization seperation)
aadsm5.htm#asrn2 Assurance, e-commerce, and some x9.59 ... fyi
aadsm5.htm#asrn3 Assurance, e-commerce, and some x9.59 ... fyi
aepay3.htm#sslset2 "SSL & SET Query" ... from usenet group
aepay4.htm#comcert Merchant Comfort Certificates
aepay4.htm#comcert3 Merchant Comfort Certificates
aepay4.htm#comcert5 Merchant Comfort Certificates
aepay4.htm#comcert9 Merchant Comfort Certificates
aepay4.htm#comcert10 Merchant Comfort Certificates
aepay4.htm#comcert11 Merchant Comfort Certificates
aepay4.htm#comcert12 Merchant Comfort Certificates
aepay4.htm#comcert13 Merchant Comfort Certificates
aepay4.htm#comcert14 Merchant Comfort Certificates
aepay4.htm#comcert16 Merchant Comfort Certificates
aepay4.htm#dnsinteg2 Domain Name integrity problem
aepay4.htm#3dssl VISA 3D-SSL
aepay6.htm#gaopki4 GAO: Government faces obstacles in PKI security adoption
2000b.html#40 general questions on SSL certificates
2000b.html#93 Question regarding authentication implementation
2000e.html#40 Why trust root CAs?
2000e.html#47 Why trust root CAs?
2000e.html#50 Why trust root CAs?
2000e.html#51 Why trust root CAs?
2000g.html#25 SSL as model of security
2001c.html#8 Server authentication
2001c.html#9 Server authentication
2001c.html#62 SSL weaknesses
2001e.html#26 Can I create my own SSL key?
2001e.html#27 Can I create my own SSL key?
2001e.html#33 Can I create my own SSL key?
2001e.html#35 Can I create my own SSL key?
2001e.html#36 Can I create my own SSL key?
2001e.html#37 Can I create my own SSL key?
2001e.html#39 Can I create my own SSL key?
2001e.html#40 Can I create my own SSL key?
2001e.html#43 Can I create my own SSL key?
2001e.html#46 Can I create my own SSL key?
aadsm5.htm#conpki The Fundamental Inadequacies of Conventional PKI
2001e.html#49 Can I create my own SSL key?
2001e.html#56 Need explaination of PKI and Kerberos
aepay6.htm#crlwork do CRL's actually work?
aadsm5.htm#dspki use of digital signatures and PKI
aepay6.htm#dspki use of digital signatures and PKI
aepay6.htm#pkimort Problem with the (lingering) death of x.509 PKI ... forwarded ... fyi
2001g.html#2 Root certificates
2001g.html#10 Root certificates
2001g.html#16 Root certificates
2001g.html#17 Root certificates
2001g.html#19 Root certificates
2001g.html#21 Root certificates
2001g.html#25 Root certificates
2001g.html#31 Root certificates
2001g.html#40 Self-Signed Certificate
2001h.html#4 PKI/Digital signature doesn't work
2001h.html#6 PKI/Digital signature doesn't work
2001j.html#8 PKI (Public Key Infrastructure)
2001k.html#6 Is VeriSign lying???
2001l.html#22 Web of Trust
2001l.html#26 voice encryption box (STU-III for the masses)
2001l.html#29 voice encryption box (STU-III for the masses)
2001l.html#31 voice encryption box (STU-III for the masses)
aadsm8.htm#softpki Software for PKI
aadsm8.htm#softpki2 Software for PKI
aadsm8.htm#softpki3 Software for PKI
aadsm8.htm#softpki4 Software for PKI
aadsm8.htm#softpki5 Software for PKI
aadsm8.htm#softpki6 Software for PKI
aadsm8.htm#softpki7 Software for PKI
aadsm8.htm#softpki8 Software for PKI
aadsm8.htm#softpki9 Software for PKI
aadsm8.htm#softpki10 Software for PKI
aadsm8.htm#softpki11 Software for PKI
aadsm8.htm#softpki12 Software for PKI
2001m.html#21 misc. SSL
aadsm8.htm#softpki14 DNSSEC (RE: Software for PKI)
aadsm8.htm#softpki19 DNSSEC (RE: Software for PKI)
aadsm8.htm#softpki20 DNSSEC (RE: Software for PKI)
2001m.html#35 CA Certificate Built Into Browser Confuse Me
2001m.html#37 CA Certificate Built Into Browser Confuse Me
2001m.html#41 Solutions to Man in the Middle attacks?
2001n.html#57 Certificate Authentication Issues in IE and Verisign
2001n.html#58 Certificate Authentication Issues in IE and Verisign
2001n.html#73 A PKI question and an answer
aadsm9.htm#cfppki5 CFP: PKI research workshop
aadsm9.htm#cfppki6 CFP: PKI research workshop
aadsm10.htm#cfppki20 CFP: PKI research workshop
2002d.html#47 SSL MITM Attacks
2002e.html#56 PKI and Relying Parties
2002e.html#72 Digital certificate varification
2002g.html#65 Real man-in-the-middle attacks?
2002j.html#38 MITM solved by AES/CFB - am I missing something?!
2002j.html#58 SSL integrity guarantees in abscense of client certificates
2002j.html#59 SSL integrity guarantees in abscense of client certificates
2002j.html#61 SSL integrity guarantees in abscense of client certificates<
2002j.html#79 Q: Trust in an X.509 certificate
2002k.html#11 Serious vulnerablity in several common SSL implementations?
2002m.html#30 Root certificate definition
2002m.html#64 SSL certificate modification
2002m.html#65 SSL certificate modification
2002n.html#2 SRP authentication for web app
2002o.html#7 Are ssl certificates all equally secure?
2002o.html#10 Are ssl certificates all equally secure?
2002p.html#9 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#10 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#11 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#12 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#17 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#18 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#19 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#20 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#21 Cirtificate Authorities 'CAs', how curruptable are they to
aepay10.htm#75 Invisible Ink, E-signatures slow to broadly catch on (addenda)
aepay10.htm#76 Invisible Ink, E-signatures slow to broadly catch on (addenda)
aepay10.htm#77 Invisible Ink, E-signatures slow to broadly catch on (addenda)
aepay10.htm#78 ssl certs
aepay10.htm#79 ssl certs
aepay10.htm#80 Invisible Ink, E-signatures slow to broadly catch on (addenda)
aepay10.htm#81 SSL certs & baby steps
aepay10.htm#82 SSL certs & baby steps (addenda)
aepay10.htm#83 SSL certs & baby steps
aadsm12.htm#67 Offline Root CA with valid CRL hierachie
2003.html#52 SSL & Man In the Middle Attack
2003.html#63 SSL & Man In the Middle Attack
aepay11.htm#5 Self-Regulating SSL Certificate Authority
aadsm13.htm#10 X.500, LDAP Considered harmful Was: OCSP/LDAP
2003d.html#29 SSL questions
2003d.html#30 SSL questions
aadsm13.htm#25 Certificate Policies (addenda)
aadsm13.htm#26 How effective is open source crypto?
aadsm13.htm#28 How effective is open source crypto? (addenda)
aadsm13.htm#29 How effective is open source crypto? (bad form)
aadsm13.htm#32 How effective is open source crypto? (bad form)
aadsm13.htm#33 How effective is open source crypto? (bad form)
aadsm13.htm#34 How effective is open source crypto? (bad form)
aadsm13.htm#35 How effective is open source crypto? (bad form)
aadsm13.htm#36 How effective is open source crypto? (bad form)
aadsm13.htm#37 How effective is open source crypto?
2003f.html#25 New RFC 3514 addresses malicious network traffic
aadsm14.htm#9 "Marginot Web" (SSL, payments, etc)
aadsm14.htm#36 An attack on paypal
aadsm14.htm#37 Keyservers and Spam
2003l.html#36 Proposal for a new PKI model (At least I hope it's new)
2003l.html#43 Proposal for a new PKI model (At least I hope it's new)
2003l.html#45 Proposal for a new PKI model (At least I hope it's new)
2003l.html#46 Proposal for a new PKI model (At least I hope it's new)
2003l.html#51 Proposal for a new PKI model (At least I hope it's new)
2003l.html#52 Proposal for a new PKI model (At least I hope it's new)
2003l.html#53 Proposal for a new PKI model (At least I hope it's new)
2003l.html#54 Proposal for a new PKI model (At least I hope it's new)
2003l.html#55 Proposal for a new PKI model (At least I hope it's new)
2003l.html#57 Proposal for a new PKI model (At least I hope it's new)
2003l.html#60 Proposal for a new PKI model (At least I hope it's new)
aadsm15.htm#7 Is cryptography where security took the wrong branch?
aadsm15.htm#16 how simple is SSL? (Re: Monoculture)
2003n.html#10 Cracking SSL
aadsm15.htm#26 SSL, client certs, and MITM (was WYTM?)
aadsm15.htm#27 SSL, client certs, and MITM (was WYTM?)
aadsm15.htm#28 SSL, client certs, and MITM (was WYTM?)
2003p.html#20 Dumb anti-MITM hacks / CAPTCHA application
2004b.html#39 SSL certificates
2004b.html#40 SSL certificates
2004b.html#41 SSL certificates
aadsm17.htm#18 PKI International Consortium
aadsm17.htm#37 Moving forward with pre-shared keys
2004g.html#6 Adding Certificates
aadsm17.htm#60 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#14 In Search of Eve - the upper boundary on Mallory
aadsm18.htm#15 In Search of Eve - the upper boundary on Mallory
aadsm18.htm#16 In Search of Eve - the upper boundary on Mallory
2004h.html#28 Convince me that SSL certificates are not a big scam
2004h.html#58 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#59 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#2 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#4 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004m.html#12 How can I act as a Certificate Authority (CA) with openssl ??
aadsm18.htm#43 SSL/TLS passive sniffing
2004q.html#42 browser without "padlock" secure?
2004q.html#53 [Lit.] Buffer overruns
2005.html#35 Do I need a certificat?
2005b.html#32 Noobie SSL certificate problem
2005c.html#52 A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)
2005e.html#22 PKI: the end
2005e.html#25 PKI: the end
2005e.html#26 PKI: the end
2005e.html#27 PKI: the end
2005e.html#45 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005e.html#51 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005f.html#9 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005f.html#20 Some questions on smart cards (Software licensing using smart cards)
aadsm19.htm#8 GeoTrust says existing PKI practices are worthless
2005g.html#0 What is a Certificate?
2005g.html#1 What is a Certificate?
2005g.html#9 What is a Certificate?
2005g.html#44 Maximum RAM and ROM for smartcards
2005g.html#45 Maximum RAM and ROM for smartcards
2005g.html#50 Maximum RAM and ROM for smartcards
2005h.html#8 keysigning: identity checks
2005h.html#27 How do you get the chain of certificates & public keys securely
2005h.html#29 Dealing with warning that certifcate can't be trusted?
2005i.html#0 More Phishing scams, still no SSL being used
2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom
2005i.html#3 General PKI Question
aadsm19.htm#13 What happened with the session fixation bug?
2005i.html#7 Improving Authentication on the Internet
2005i.html#8 More Phishing scams, still no SSL being used
2005i.html#9 More Phishing scams, still no SSL being used
2005i.html#21 The Worth of Verisign's Brand
2005i.html#34 The Worth of Verisign's Brand
2005i.html#36 Improving Authentication on the Internet
aadsm19.htm#17 What happened with the session fixation bug?
2005k.html#29 More Phishing scams, still no SSL being used
2005k.html#60 The Worth of Verisign's Brand
2005l.html#1 The Worth of Verisign's Brand
aadsm19.htm#42 massive data theft at MasterCard processor
2005l.html#21 The Worth of Verisign's Brand
2005l.html@23 The Worth of Verisign's Brand
2005l.html#24 The Worth of Verisign's Brand
2005l.html#32 More Phishing scams, still no SSL being used
2005m.html#0 simple question about certificate chains
2005m.html#1 Creating certs for others (without their private keys)
2005m.html#18 S/MIME Certificates from External CA
aadsm20.htm#9 the limits of crypto and authentication
2005m.html#45 Digital ID
2005n.html#5 Wildcard SSL Certificates
2005n.html#9 Which certification authority to use
aadsm20.htm#26 [Clips] Does Phil Zimmermann need a clue on VoIP?
aadsm20.htm#27 [Clips] Does Phil Zimmermann need a clue on VoIP?
aadsm20.htm#31 The summer of PKI love
aadsm20.htm#32 How many wrongs do you need to make a right?
aadsm20.htm#37 Another entry in the internet security hall of shame
2005o.html#41 Certificate Authority of a secured P2P network
2005o.html#42 Catch22. If you cannot legally be forced to sign a document etc - Tax Declaration etc etc etc
aadsm20.htm#43 Another entry in the internet security hall of shame
2005p.html#32 PKI Certificate question
2005q.html#29 IPSEC wireless router ?
2005s.html#24 What ever happened to Tandem and NonStop OS ?
2005s.html#49 phishing web sites using self-signed certs
2005t.html#0 TTP and KCM
2005t.html#6 phishing web sites using self-signed certs
2005t.html#32 RSA SecurID product
2005t.html#34 RSA SecurID product
aadsm21.htm#22 Broken SSL domain name trust model
aadsm21.htm#23 Broken SSL domain name trust model
aadsm21.htm#24 Broken SSL domain name trust model
2005u.html#2 PGP Lame question
2005u.html#8 PGP Lame question
2005u.html#9 PGP Lame question
aadsm21.htm#28 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm21.htm#34 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm21.htm#36 browser vendors and CAs agreeing on high-assurance certificates
aadsm21.htm#39 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm21.htm#40 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm21.htm#41 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm22.htm#0 GP4.3 - Growth and Fraud - Case #3 - Phishing
2006.html#33 The new High Assurance SSL Certificates
2006c.html#10 X.509 and ssh
2006c.html#13 X.509 and ssh
aadsm22.htm#17 Major Browsers and CAS announce balkanisation of Internet Security
2006c.html#35 X.509 and ssh
2006c.html#36 Secure web page?
2006c.html#38 X.509 and ssh
2006c.html#39 X.509 and ssh
2006d.html#26 Caller ID "spoofing"
2006d.html#28 Caller ID "spoofing"
2006d.html#29 Caller ID "spoofing"
aadsm22.htm#18 "doing the CA statement shuffle" and other dances
aadsm22.htm#19 "doing the CA statement shuffle" and other dances
2006e.html#42 SSL Certificate Signing
2006f.html#15 trusted certificates and trusted repositories
2006f.html#17 trusted certificates and trusted repositories
2006f.html#29 X.509 and ssh
2006f.html#32 X.509 and ssh
2006f.html#33 X.509 and ssh
2006f.html#34 X.509 and ssh
aadsm23.htm#3 News and Views - Mozo, Elliptics, eBay + fraud, naive use of TLS and/or tokens
2006h.html#27 confidence in CA
2006h.html#34 The Pankian Metaphor
aadsm23.htm#15 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
2006j.html#47 where do I buy a SSL certificate?
2006j.html#48 where do I buy a SSL certificate?
2006k.html#2 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006k.html#17 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006k.html#19 Hey! Keep Your Hands Out Of My Abstraction Layer!
aadsm23.htm#47 Status of opportunistic encryption
aadsm24.htm#24 It's official! SSH whips HTTPS butt! (in small minor test of no import....)
aadsm24.htm#31 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#33 Threatwatch - 2-factor tokens attacked by phishers
aadsm24.htm#44 Case Study: Thunderbird's brittle security as proof of Iang's 3rd Hypothesis in secure design: there is only one mode, and it's secure
aadsm25.htm#17 Hamiltonian path as protection against DOS
2006p.html#7 SSL, Apache 2 and RSA key sizes
aadsm25.htm#36 signing all outbound email
2006s.html#11 Why not 2048 or 4096 bit RSA key issuance?
2006t.html#2 Is the teaching of non-reentrant HLASM coding practices ever defensible?
2006t.html#8 Root CA CRLs
aadsm26.htm#1 Extended Validation - setting the minimum liability, the CA trap, the market in browser governance
2006v.html#49 Patent buster for a method that increases password security
2006w.html#15 more secure communication over the network
2006x.html#36 SSL security with server certificate compromised
2006y.html#7 Securing financial transactions a high priority for 2007
2007.html#7 SSL info
2007.html#15 SSL info
2007.html#17 SSL info
2007b.html#53 Forbidding Special characters in passwords
2007c.html#30 Securing financial transactions a high priority for 2007
2007c.html#51 Securing financial transactions a high priority for 2007
aadsm26.htm#25 EV - what was the reason, again?
aadsm26.htm#26 man in the middle, SSL
aadsm26.htm#27 man in the middle, SSL ... addenda
aadsm26.htm#28 man in the middle, SSL
2007d.html#26 Securing financial transactions a high priority for 2007
aadsm26.htm#31 man in the middle, SSL ... addenda 2
aadsm26.htm#32 Failure of PKI in messaging
aadsm26.htm#33 Failure of PKI in messaging ... addenda
aadsm26.htm#34 Failure of PKI in messaging
2007d.html#35 MAC and SSL
2007d.html#36 MAC and SSL
2007d.html#60 SLL Certificate
2007d.html#67 SLL Certificate
2007f.html#31 Is that secure : <form action="https" from a local HTML page ?
2007f.html#75 Securing financial transactions a high priority for 2007
2007g.html#32 Can SSL sessions be compromised?
2007g.html#38 Can SSL sessions be compromised?
2007g.html#60 Can SSL sessions be compromised?
2007g.html#63 The Perfect Computer - 36 bits?
2007g.html#50 DNSSEC to be strangled at birth
aadsm26.htm#51 The One True Identity -- cracks being examined, filled, and rotted out from the inside
aadsm26.htm#52 The One True Identity -- cracks being examined, filled, and rotted out from the inside
aadsm26.htm#53 The One True Identity -- cracks being examined, filled, and rotted out from the inside
2007h.html#20 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#21 asymmetric cryptography + digital signature
2007h.html#22 sizeof() was': The Perfect Computer - 36 bits?
2007h.html#26 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#67 SSL vs. SSL over tcp/ip
aadsm27.htm#0 H6.2 Most Standardised Security Protocols are Too Heavy
2007k.html#32 SSL Security
aadsm27.htm#14 307 digit number factored
aadsm27.htm#15 307 digit number factored
aadsm27.htm#16 dnssec?
aadsm27.htm#18 PKI moving to adopt the plugin model -- realignment to security based on user-needs?
aadsm27.htm#19 307 digit number factored
aadsm27.htm#20 307 digit number factored
2007k.html#79 John W. Backus, 82, Fortran developer, dies
2007l.html#0 John W. Backus, 82, Fortran developer, dies
2007l.html#6 John W. Backus, 82, Fortran developer, dies
2007l.html#41 My Dream PC -- Chip-Based
2007m.html#41 X.509 weakness?
aadsm27.htm#30 A secure Internet requires a secure network protocol
2007n.html#5 John W. Backus, 82, Fortran developer, dies
2007n.html#9 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#35 The bank fraud blame game
207q.html#1 what does xp do when system is copying
2007q.html#30 what does xp do when system is copying
aadsm27.htm#62 Fingerprint Firefox Plugin?
2007q.html#72 Value of SSL client certificates?
2007r.html#12 How to tell a fake SSL certificate from a real one
2007r.html#17 How to tell a fake SSL certificate from a real one
2007r.html#18 How to tell a fake SSL certificate from a real one
2007r.html#19 How to tell a fake SSL certificate from a real one
2007r.html#24 How to tell a fake SSL certificate from a real one
2007s.html#23 The new urgency to fix online privacy
2007t.html#61 Crypto Related Posts
2007u.html#76 folklore indeed
2008.html#61 1975 movie "Three Days of the Condor" tech stuff
aadsm28.htm#21 Dutch Transport Card Broken
aadsm28.htm#47 delegating SSL certificates
aadsm28.htm#48 World's biggest PKI goes open source: DogTag is released
aadsm28.htm#79 User interface, security, and "simplicity"
2008h.html#72 SSL certificates - from a customer's point of view (trust)
aadsm28.htm#82 Can we copy trust?
2008i.html#70 Next Generation Security
2008j.html#63 CLIs and GUIs
2008k.html#29 dollar coins
2008k.html#74 Top 10 vulnerabilities for service orientated architecture?
2008l.html#28 Verifying Verified By Visa - Registration breaks chain of trust
2008l.html#34 Authentication in the e-tailer / payment gateway / customer triangle
2008l.html#46 z/OS BIND9 DNS Vulnerable to Cache Poisoning Attack Problem?
2008l.html#50 IBM manual web pages
2008l.html#52 Quality of IBM school clock systems?
2008l.html#69 Verifying Verified By Visa - Registration breaks chain of trust
2008n.html#55 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#92 How did http get a port number as low as 80?
2008n.html#93 How did http get a port number as low as 80?
2008n.html#96 Wachovia Bank web site
2008n.html#100 Wachovia Bank web site
2008o.html#4 Wachovia Bank web site
2008o.html#11 Browser Security UI: the horns of the dilemma
2008q.html#3 GPG
2008q.html#72 https question
2008s.html#72 CA issues no-questions asked Mozilla cert
2008s.html#76 Boffins bust web authentication with game consoles
2008s.html#78 Boffins bust web authentication with game consoles
2009.html#7 Swedish police warn of tampered credit card terminals
2009.html#56 Data losses set to soar
2009b.html#33 Phish-Pharming: Using social engineering to hijack domains at the source
2009b.html#70 Amazon Launches Flexible Payments As a Commercial Service
2009c.html#50 SSLstrip hacking tool bypasses SSL to trick users, steal passwords
2009c.html#58 Has anyone seen a lift from using an Extended Validation SSL Certificate?
2009c.html#60 SSLstrip hacking tool bypasses SSL to trick users, steal passwords
2009c.html#63 SSLstrip hacking tool bypasses SSL to trick users, steal passwords
2009d.html#38 Internet threat: Hackers swarm bank accounts
2009f.html#14 SSL: Broken Even More
2009g.html#48 Inventor: SSL security woes are really the fault of browser design
2009g.html#57 LexisNexis says its data was used by fraudsters
2009j.html#20 Kaminsky interview: DNSSEC addresses cross-organizational trust and security
2009j.html#25 Database Servers: Candy For Hackers
2009j.html#57 How can we stop Credit card FRAUD?
2009k.html#21 Security certificate warnings don't work, researchers say
2009k.html#23 Security certificate warnings don't work, researchers say
2009k.html#33 Trouble in PKI land
2009k.html#38 More holes found in Web's SSL security protocol
2009k.html#46 More holes found in Web's SSL security protocol
2009k.html#53 A Complete History Of Mainframe Computing
2009k.html#60 The satate of software
2009l.html#57 Linkedin digital certificate today
2009m.html#7 Need new 3270 emulator: SSH, inexpensive, reliable
2009m.html#41 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009n.html#6 OSS's Simple Sabotage Field Manual
2009o.html#3 Sophisticated cybercrooks cracking bank security efforts
2009o.html#22 Rogue PayPal SSL Certificate Available in the Wild - IE, Safari and Chrome users beware
2009o.html#54 Should SSL be enabled on every website?
2009p.html#29 Computer Experts Deconstruct FDIC Email Scam
2009p.html#88 Kaminsky Bug Options Include "Do Nothing," Says IETF
2009r.html#32 SSL certificates and keys
2009r.html#36 SSL certificates and keys
2010b.html#62 Happy DEC-10 Day
2010b.html#69 Happy DEC-10 Day
2010b.html#70 Happy DEC-10 Day
2010e.html#19 What's with IBMLINK now??
2010f.html#3 Why is Kerberos ever used, rather than modern public key cryptography?
2010f.html#71 Law Enforcement Appliance Subverts SSL
2010f.html#80 Law Enforcement Appliance Subverts SSL
2010f.html#92 Why do most websites use HTTPS only while logging you in...and not for the entire session?
2010g.html#10 Gov't coerced Certs thwart SSL/TLS
2010g.html#14 Gov't coerced Certs thwart SSL/TLS
2010g.html#65 Fraudsters Can Easily Buy SSL Certificates, Researcher Finds
2010g.html#74 Unknown SSL credential could imperil Firefox, Mac users
2010g.html#79 In SSL We Trust? Not Lately
2010g.html#84 In SSL We Trust? Not Lately
2010h.html#25 In SSL We Trust? Not Lately
2010h.html#54 Trust Facade
2010h.html#69 Idiotic programming style edicts
2010i.html#51 Visa fraud alert puts banks, payment processors on guard
2010l.html#57 A mighty fortress is our PKI
2010l.html#58 A mighty fortress is our PKI
2010l.html#62 A mighty fortress is our PKI
2010l.html#71 A slight modification of my comments on PKI
2010l.html#79 Five Theses on Security Protocols
2010l.html#82 Five Theses on Security Protocols
2010m.html#3 Five Theses on Security Protocols
2010m.html#50 Has there been a change in US banking regulations recently?
2010m.html#51 Has there been a change in US banking regulations recently?
2010m.html#60 towards https everywhere and strict transport security
2010m.html#70 towards https everywhere and strict transport security (was: Has there been a change in US banking regulations recently?)
2010m.html#75 towards https everywhere and strict transport security (was: Has there been a change in US banking regulations recently?)
2010m.html#76 towards https everywhere and strict transport security (was: Has there been a change in US banking regulations recently?)
2010m.html#77 towards https everywhere and strict transport security (was: Has there been a change in US banking regulations recently?)
2010m.html#89 UAE Man-in-the-Middle Attack Against SSL
2010n.html#0 UAE Man-in-the-Middle Attack Against SSL
2010n.html#2 UAE Man-in-the-Middle Attack Against SSL
2010n.html#4 zSecurity blog post - "READ is not benign"
2010n.html#24 A question about HTTPS
2010n.html#37 Do we really need to care about DNS Security?
2010o.html#9 On Scope Scrinkage in PCI DSS
2010o.html#23 Spooky Myths that Trick Merchants When It Comes to Secure Payments Processes
2010o.html#31 Survey Outlines Compliance Challenge Among Small Merchants
2010o.html#36 Cookies Are Dead in the Fight Against Fraud
2010o.html#42 Facebook and Twitter fail basic security test
2010o.html#44 A Wolf In Sheep's Clothing - New Threat
2010o.html#45 A Wolf In Sheep's Clothing - New Threat
2011e.html#71 Fraudulent certificates issued for major websites
2011f.html#14 How is SSL hopelessly broken? Let us count the ways
2011f.html#25 Fear the Internet, was Cool Things You Can Do in z/OS
2011g.html#11 Is the magic and romance killed by Windows (and Linux)?
2011g.html#18 Fight Fraud with Device ID
2011g.html#24 Fight Fraud with Device ID
2011g.html#60 Is the magic and romance killed by Windows (and Linux)?
2011h.html#59 SSL digital certificates
2011j.html#63 Why do defenders keep losing to smaller cyberwarriors?
2011k.html#64 Fraudulent Google credential found in the wild
2011k.html#65 Somewhat off-topic: comp-arch.net cloned, possibly hacked
2011l.html#48 Does outsourcing cause data loss?
2011l.html#72 Selectric Typewriter--50th Anniversary
2011m.html#11 PKI "fixes" that don't fix PKI
2011m.html#23 Benefits of Online Banking
2011m.html#48 ISBNs
2011m.html#54 Any candidates for best acronyms?
2011n.html#0 Before Netscape: the forgotten Web browsers of the early 1990s
2011n.html#6 Founders of SSL Call Game Over?
2011o.html#54 Speed: Re: Soups
2011p.html#2 What the heck is cloud computer and why does it matter
2012.html#65 Reject gmail
2012.html#91 Has anyone successfully migrated off mainframes?
2012.html#97 Is SSL Cert Holder ID Verification A Joke?
2012b.html#17 Time To Scrap SSL?
2012b.html#69 PKI and SSL - the jaws of trust snap shut
2012b.html#94 public key, encryption and trust
2012c.html#7 The Convergence of PKI
2012d.html#20 Writing article on telework/telecommuting
2012d.html#26 Can SSL Certificate Checking System Be Saved?
2012i.html#35 US Senate proposes national data breach notification act
2012j.html#53 Yahoo Password Breach: 7 Lessons Learned - Security - Attacks/breaches - Informationweek
2012j.html#61 The Myth of Password Complexity & Frequent Change Rules
2012l.html#67 Strings (hijacked from: The IBM zEnterprise EC12 announcment)
2012n.html#71 history of Programming language and CPU in relation to each other
2013c.html#2 Legal Lessons from PATCO Fraud Case
2013c.html#34 The United States is leaking 1TB of data daily to foreign countries
2013f.html#45 Reports: IBM may sell x86 server business to Lenovo
2013f.html#47 Pirate Bay co-founder charged with hacking IBM mainframes, stealing money
2013f.html#70 How internet can evolve
2013g.html#40 The Vindication of Barb
2013i.html#46 OT: "Highway Patrol" back on TV
2013j.html#33 8080 BASIC
2013o.html#79 Would Target cybersecurity breach occur with a digital ID system?
2014b.html#23 Quixotically on-topic post, still on topic
2014d.html#13 Royal Pardon For Turing
2014e.html#7 Last Gasp for Hard Disk Drives
2014e.html#31 U.S. States Investigating Breach at Experian
2014e.html#56 "NSA foils much internet encryption"
2014e.html#78 How the Internet wasn't Commercial Dataprocessing
2014f.html#8 Is cybersecurity the next banking crisis in the making?
2014g.html#7 [Cryptography] Is it time for a revolution to replace TLS?
2014j.html#78 Firefox 32 supports Public Key Pinning
2014j.html#98 Cybersecurity

top, by subject: technology, networking, public key, integrity, Boyd - home


X9.59, Identity, Authentication, and Privacy

aadsm2.htm#anon anonymity in current infrastructure
aadsm2.htm#privacy Identification and Privacy are not Antinomies
aadsm2.htm#mauthauth Human Nature
aadsm2.htm#stall EU digital signature initiative stalled
aadsm2.htm#straw AADS Strawman
aadsm4.htm#9 Thin PKI won - You lost
aadsm5.htm#x959 X9.59 Electronic Payment Standard
aadsm5.htm#xmlvch implementations of "XML Voucher: Generic Voucher Language"?
aadsm5.htm#shock revised Shocking Truth about Digital Signatures
aadsm5.htm#shock2 revised Shocking Truth about Digital Signatures
aadsmail.htm#mfraud AADS, X9.59, security, flaws, privacy
aadsmail.htm#vbank Statistical Attack Against Virtual Banks (fwd)
aepay2.htm#aadspriv Account Authority Digital Signatures ... in support of x9.59
aepay2.htm#morepriv [E-CARM] AADS, x9.59, & privacy
aepay2.htm#privrules U.S. firms gird for privacy rules
aepay2.htm#privrule2 U.S. firms gird for privacy rules
aepay2.htm#privrule3 U.S. firms gird for privacy rules
aepay3.htm#riskm The Thread Between Risk Management and Information Security
aepay3.htm#votec (my) long winded observations regarding X9.59 & XML, encryption and certificates
aepay3.htm#gap2 [ISN] Card numbers, other details easily available at online stores
aepay3.htm#privacy misc. privacy
aepay3.htm#x959risk2 Risk Management in AA / draft X9.59
aepay3.htm#smrtcrd Smart Cards with Chips encouraged ... fyi
aepay4.htm#privis privacy issues
aepay5.htm#pkiillfit Some PKI references from yesterday's SlashDot
aepay6.htm#harvest2shared-secrets, CC#, & harvesting CC#
aepay6.htm#dsdebate Digital Signatures Spark Debate
ansiepay.htm#privacy more on privacy
ansiepay.htm#x959bai X9.59/AADS announcement at BAI
ansiepay.htm#theorySecurity breach raises questions about Internet shopping
ansiepay.htm#scaads X9.59 related press release at smartcard forum
98.html#0 Account Authority Digital Signature model
98.html#41 AADS, X9.59, & privacy
98.html#48 X9.59 & AADS
99.html#165 checks (was S/390 on PowerPC?)
99.html#171 checks (was S/390 on PowerPC?)
99.html#189 Internet Credit Card Security
99.html#216 Ask about Certification-less Public Key
99.html#217 AADS/X9.59 demo & standards at BAI (world-wide retail banking) show
99.html#224 X9.59/AADS announcement at BAI this week
99.html#228 Attacks on a PKI
99.html#229 Digital Signature on SmartCards
2000.html#36 "Trusted" CA - Oxymoron?
2000.html#60 RealNames hacked. Firewall issues
2000b.html#40 general questions on SSL certificates
2000b.html#53 Digital Certificates-Healthcare Setting
2000b.html#90 Question regarding authentication implementation
2000c.html#26 The first "internet" companies?
2000f.html#72 SET; was Re: Why trust root CAs?
2000g.html#5 e-commerce: Storing Credit Card numbers safely
2000g.html#33 does CA need the proof of acceptance of key binding?
2000g.html#34 does CA need the proof of acceptance of key binding?
2001.html#67 future trends in asymmetric cryptography
2001.html#73 how old are you guys
2001b.html#14 IBM's announcement on RVAs
2001b.html#85 what makes a cpu fast
2001c.html#42 PKI and Non-repudiation practicalities
2001c.html#56 PKI and Non-repudiation practicalities
2001c.html#57 PKI and Non-repudiation practicalities
2001c.html#58 PKI and Non-repudiation practicalities
2001c.html#72 PKI and Non-repudiation practicalities
2001d.html#7 Invalid certificate on 'security' site
2001d.html#8 Invalid certificate on 'security' site
2001d.html#19 [Newbie] Authentication vs. Authorisation?
2001d.html#41 solicit advice on purchase of digital certificate
2001e.html#26 Can I create my own SSL key?
2001e.html#33 Can I create my own SSL key?
2001e.html#35 Can I create my own SSL key?
2001e.html#36 Can I create my own SSL key?
2001f.html#15 Medical data confidentiality on network comms
2001f.html#24 Question about credit card number
2001f.html#31 Remove the name from credit cards!
aadsm5.htm#liex509 Lie in X.BlaBla
aadsm5.htm#pkimort PKI: Evolve or Die
aepay6.htm#dspki2 use of digital signatures and PKI
aepay6.htm#dspki3 use of digital signatures and PKI (addenda)
aepay6.htm#pkimort2 problem with the death of X.509 PKI (forwarded)
aepay6.htm#dspki4 use of digital signatures and PKI (addenda)
aepay6.htm#userauth2 MS masters NC mind-set (authentication is the key)
aepay6.htm#itheft "Gurard against Identity Theft" (arrived in the post today)
2001f.html#77 FREE X.509 Certificates
2001f.html#79 FREE X.509 Certificates
2001g.html#0 FREE X.509 Certificates
2001g.html#1 distributed authentication
2001g.html#11 FREE X.509 Certificates
2001g.html#12 FREE X.509 Certificates
aepay7.htm#nonrep0non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep1non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep2non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep3non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep4non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep5non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep6non-repudiation, was Re: crypto flaw in secure mail standards
2001g.html#65 PKI/Digital signature doesn't work
2001g.html#68 PKI/Digital signature doesn't work
2001h.html#53 Net banking, is it safe???
2001h.html#58 Net banking, is it safe???
aepay7.htm#netbank net banking, is it safe?? ... power to the consumer
2001i.html#9 Net banking, is it safe???
2001i.html#53 Credit Card # encryption
2001j.html#9 E-commerce security????
aadsm6.htm#terror Did Encryption Empower These Terrorists?
aadsm6.htm#terror Did Encryption Empower These Terrorists?
aadsm6.htm#terror7 Did Encryption Empower These Terrorists?
aadsm6.htm#terror9 Did Encryption Empower These Terrorists?
aadsm6.htm#terror10 Did Encryption Empower These Terrorists?
aepay7.htm#liberty Network Identity Alliance -- Liberty Alliance Project
aadsm7.htm#cryptofree Erst-Freedom: Sic Semper Political Cryptography
aepay7.htm#edsecure4 3D Secure Vulnerabilities? Photo ID's and Payment Infrastructure
aadsm9.htm#privacy Seeking Privacy Online, Even as Security Tightens
aadsm9.htm#cfppki CFP: PKI research workshop
aadsm9.htm#cfppki2 CFP: PKI research workshop
aadsm9.htm#cfppki3 CFP: PKI research workshop
aadsm9.htm#cfppki4 CFP: PKI research workshop
aadsm10.htm#hackhome Hackers Targeting Home Computers
aadsm10.htm#hackhome2 Hackers Targeting Home Computers
aadsm10.htm#anonpay Crypto Winter (Re: Looking back ten years: Another Cypherpunks failure)
2002f.html#32 Biometric Encryption: the solution for network intruders?
2002f.html#34 Security and e-commerce
aadsm11.htm#6 Meaning of Non-repudiation
aadsm11.htm#6 Meaning of Non-repudiation
aadsm11.htm#17 Alternative to Microsoft Passport: Sunshine vs Hai
aadsm11.htm#28 Proposal: A replacement for 3D Secure
aadsm11.htm#45 Giuliani: ID cards won't curb freedoms
aadsm12.htm#4 3D-Secure and Passport
2002j.html#18 Symmetric-Key Credit Card Protocol on Web Site
2002l.html#35 Cryptography
2002m.html#17 A new e-commerce security proposal
2002m.html#38 Convenient and secure eCommerce using POWF
aepay10.htm#46 x9.73 Cryptographic Message Syntax
2002m.html#53 Authentication of others is a privilege, not a right
2002m.html#55 Beware, Intel to embed digital certificates in Banias
aadsm12.htm#32 Employee Certificates - Security Issues
2002n.html#13 Help! Good protocol for national ID card?
2002n.html#30 Help! Good protocol for national ID card?
aadsm12.htm#37 Legal entities who sign
aadsm12.htm#38 Legal entities who sign
aepay10.html#55 Meeting to mull privacy standard's next step
aadsm12.htm#39 Identification = Payment Transaction?
2002o.html#56 Certificate Authority: Industry vs. Government
2002o.html#57 Certificate Authority: Industry vs. Government
2002o.html#62 Certificate Authority: Industry vs. Government
2002o.html#67 smartcard+fingerprint
aadsm12.htm#44 Identity Theft More Often an Inside Job
aepay10.htm#60 First Data Unit Says It's Untangling Authentication
aadsm12.htm#50 Frist Data Unit Says It's Untangling Authentication
aadsm12.htm#51 Frist Data Unit Says It's Untangling Authentication
aepay10.htm#61 First Data Unit Says It's Untangling Authentication
2002p.html#22 Cirtificate Authorities 'CAs', how curruptable are they to
aadsm12.htm#52 First Data Unit Says It's Untangling Authentication
aadsm12.htm#54 TTPs & AADS Was: First Data Unit Says It's Untangling Authentication
aadsm12.htm#55 TTPs & AADS (part II)
aepay10.htm#62 VeriSign unveils new online identity verification services
aepay10.htm#65 eBay Customers Targetted by Credit Card Scam
2002p.html#50 Cirtificate Authorities 'CAs', how curruptable are they to
aepay10.htm#71 Invisible Ink, E-signatures slow to broadly catch on
aepay10.html#72 Invisible Ink, E-signatures slow to broadly catch on
aepay10.html#73 Invisible Ink, E-signatures slow to broadly catch on
aepay10.html#74 Invisible Ink, E-signatures slow to broadly catch on (addenda)
aepay11.htm#0 identity, fingerprint, from comp.risks
aepay11.htm#1 Sun releases Liberty-enabled software
aepay11.htm#2 Sun releases Liberty-enabled software
aepay11.htm#13 Microsoft Fixes Passport to Meet EU Privacy Rules
2003b.html#65 Storing digital IDs on token for use with Outlook
aepay11.htm#14 More Identity Theft ... Security Stands in Line Behind Other Priorities
aepay11.htm#27 Solving the problem of micropayments
aepay11.htm#28 Solving the problem of micropayments
aepay11.htm#31 Privacy again a hot-button issue for legistlators
aadsm14.htm#1 Who's afraid of Mallory Wolf?
aeapy11.htm#37 Who's afraid of Mallory Wolf?
aadsm14.htm#4 Who's afraid of Mallory Wolf?
aepay11.htm#40 ID theft costs banks $1 billion a year
aepay11.htm#49 A More Anonymous Internet
aepay11.htm#50 Concern Grows About ID Theft
aadsm14.htm#10 Microsoft Identity Server Prepped For Windows Server 2003
2003h.html#29 application of unique signature
aadsm14.htm#28 Maybe It's Snake Oil All the Way Down
aadsm14.htm#30 Maybe It's Snake Oil All the Way Down
aepay11.htm#53 Authentication white paper
aadsm14.htm#40 The real problem that https has conspicuously failed to fix
aadsm14.htm#41 certificates & the alternative view
aepay11.htm#61 HIPAA, privacy, identity theft
aepay11.htm#62 HIPAA, privacy, identity theft (addenda
aepay11.htm#66 Confusing Authentication and Identiification?
aepay11.htm#67 Confusing Authentication and Identiification?
aepay11.htm#72 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)
aepay11.htm#73 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)
aepay12.htm#0 Four Corner model. Was: Confusing Authentication and Identiification? (addenda)
aepay12.htm#2 Confusing business process, payment, authentication and identification
aepay12.htm#4 Confusing business process, payment, authentication and identification
aepay12.htm#5 Law aims to reduce identity theft
aadsm14.htm#49 replay & integrity
aadsm14.htm#54 Draft E-Authentication Policy for Federal Agencies
aepay12.htm#9 New privacy rules could mean headaches for financial services IT
aepay12.htm#10 Feds Want Banks to Warn of ID Theft
aadsm15.htm#2 Is cryptography where security took the wrong branch?
aadsm15.htm#6 x9.59
aepay12.htm#22 some X9.59 (and little FSTC) ... from crypto mailing list ... fyi
aadsm15.htm#21 Simple SSL/TLS - Some Questions
aadsm15.htm#40 FAQ: e-Signatures and Payments
2003o.html#12 Database design and confidential data protection
2003o.html#18 Database design and confidential data protection
2003p.html#17 Does OTP need authentication?
aadsm17.htm#1 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
aadsm17.htm#2 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
aadsm17.htm#4 Difference between TCPA-Hardware and a smart card (was: examp le: secure computing kernel needed)
2004b.html#25 Who is the most likely to use PK?
2004b.html#50 The SOB that helped IT jobs move to India is dead!
aadsm17.htm#12 A combined EMV and ID card
aadsm17.htm#13 A combined EMV and ID card
aadsm17.htm#18 PKI International Consortium
aadsm17.htm#20 PKI International Consortium
aadsm17.htm#21 Identity (was PKI International Consortium)
aadsm17.htm#23 PKI International Consortium
aadsm17.htm#24 Privacy, personally identifiable information, identity theft m
aadsm17.htm#25 Single Identity. Was: PKI International Consortium
2004e.html#9 Authentification classifications
aadsm17.htm#40 The future of security
aadsm17.htm#47 authentication and authorization ... addenda
aadsm17.htm#50 authentication and authorization (was: Question on the state of the security industry)
aadsm17.htm#51 authentication and authorization
aadsm17.htm#53 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#6 dual-use digital signature vulnerability
2004i.html#4 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
aadsm18.htm#22 [anonsec] Re: potential new IETF WG on anonymous IPSec
aadsm18.htm#27 EMV cards as identity cards
aadsm18.htm#28 x9.99 privacy note
aadsm18.htm#29 EMV cards as identity cards
aadsm18.htm#31 EMV cards as identity cards
aadsm18.htm#32 EMV cards as identity cards
aadsm18.htm#39 Financial identity is *dangerous*? (was re: Fake companies, real money)
2005.html#14 Using smart cards for signing and authorization in applets
2005i.html#4 Authentication - Server Challenge
aadsm19.htm#14 To live in interesting times - open Identity systems
2005i.html#34 The Worth of Verisign's Brand
2005i.html#36 Improving Authentication on the Internet
aadsm19.htm#17 What happened with the session fixation bug?
aadsm19.htm#35 de-identification
2005k.html#26 More on garbage
2005k.html#55 Encryption Everywhere? (Was: Re: Ho boy! Another big one!)
aadsm19.htm#38 massive data theft at MasterCard processor
aadsm19.htm#39 massive data theft at MasterCard processor
aadsm19.htm#40 massive data theft at MasterCard processor
aadsm19.htm#44 massive data theft at MasterCard processor
2005l.html#17 The Worth of Verisign's Brand
2005l.html#22 The Worth of Verisign's Brand
2005l.html#36 More Phishing scams, still no SSL being used
2005l.html#37 More Phishing scams, still no SSL being used
aadsm19.htm#45 payment system fraud, etc
aadsm19.htm#46 the limits of crypto and authentication
aadsm19.htm#47 the limits of crypto and authentication
aadsm19.htm#48 Why Blockbuster looks at your ID
aadsm19.htm#49 Why Blockbuster looks at your ID
aadsm20.htm#1 Keeping an eye on ATM fraud
aadsm20.htm#4 the limits of crypto and authentication
aadsm20.htm#5 the limits of crypto and authentication
aadsm20.htm#11 the limits of crypto and authentication
aadsm20.htm#17 the limits of crypto and authentication
aadsm20.htm#18 the limits of crypto and authentication
2005m.html#42 public key authentication
aadsm20.htm#20 ID "theft" -- so what?
2005m.html#53 Barcode Email
2005o.html#6 X509 digital certificate for offline solution
aadsm21.htm#2 Another entry in the internet security hall of shame
aadsm21.htm#3 Is there any future for smartcards?
aadsm21.htm#13 Contactless payments and the security challenges
aadsm21.htm#18 'Virtual Card' Offers Online Security Blanket
aadsm21.htm#19 mixing authentication and identification?
2005t.html#6 phishing web sites using self-signed certs
2005t.html#9 phishing web sites using self-signed certs
2005t.html#34 RSA SecurID product
2005t.html#52 PGP Lame question
2005u.html#1 PGP Lame question
2005u.html#3 PGP Lame question
2005u.html#8 PGP Lame question
aadsm21.htm#34 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm21.htm#35 [Clips] Banks Seek Better Online-Security Tools
2005u.html#31 AMD to leave x86 behind?
2005u.html#33 PGP Lame question
aadsm21.htm#41 X.509 / PKI, PGP, and IBE Secure Email Technologies
2005v.html#2 ABN Tape - Found
2005v.html#3 ABN Tape - Found
aadsm22.htm#1 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#5 long-term GPG signing key
2006c.html#35 X.509 and ssh
2006d.html#25 Caller ID "spoofing"
2006d.html#26 Caller ID "spoofing"
2006d.html#31 Caller ID "spoofing"
2006d.html#37 transputers again was Re: The demise of Commodore
aadsm22.htm#20 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#21 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#22 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#23 FraudWatch - Chip&Pin, a new tenner (USD10)
2006e.html#44 Does the Data Protection Act of 2005 Make Sense
aadsm22.htm#33 Meccano Trojans coming to a desktop near you
2006f.html#16 trusted repositories and trusted transactions
aadsm22.htm#39 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#40 FraudWatch - Chip&Pin, a new tenner (USD10)
2006f.html#34 X.509 and ssh
2006f.html#35 X.509 and ssh
aadsm22.htm#45 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#1 RSA Adaptive Authentication
2006g.html#40 Why are smart cards so dumb?
aadsm23.htm#2 News and Views - Mozo, Elliptics, eBay + fraud, naive use of TLS and/or tokens
2006h.html#26 Security
aadsm23.htm#9 PGP "master keys"
aadsm23.htm#11 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#12 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#15 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
aadsm23.htm#19 Petrol firm suspends chip-and-pin
2006i.html#13 Multi-layered PKI implementation
aadsm23.htm#32 Chip-and-Pin terminals were replaced by "repairworkers"?
aadsm23.htm#34 Chip-and-Pin terminals were replaced by "repairworkers"?
2006k.html#4 Passwords for bank sites - change or not?
2006k.html#5 Value of an old IBM PS/2 CL57 SX Laptop
2006k.html#17 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006k.html#19 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006k.html#23 Value of an old IBM PS/2 CL57 SX Laptop
aadsm23.htm#49 Status of SRP
aadsm23.htm#51 Status of opportunistic encryption
aadsm23.htm#54 Status of SRP
aadsm23.htm#56 UK Detects Chip-And-PIN Security Flaw
aadsm24.htm#1 UK Detects Chip-And-PIN Security Flaw
aadsm24.htm#2 UK Banks Expected To Move To DDA EMV Cards
aadsm24.htm#5 New ISO standard aims to ensure the security of financial transactions on the Internet
aadsm24.htm#7 Naked Payments IV - let's all go naked
aadsm24.htm#8 Microsoft - will they bungle the security game?
2006m.html#15 OpenSSL Hacks
aadsm24.htm#10 Naked Payments IV - let's all go naked
aadsm24.htm#22 Naked Payments IV - let's all go naked
aadsm24.htm#23 Use of TPM chip for RNG?
aadsm24.htm#26 Naked Payments IV - let's all go naked
aadsm24.htm#27 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#28 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#29 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#30 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#31 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#32 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#38 Interesting bit of a quote
2006n.html#40 Identity Management Best Practices
aadsm24.htm#48 more on FBI plans new Net-tapping push
aadsm24.htm#52 Crypto to defend chip IP: snake oil or good idea?
2006o.html#16 Gen 2 EPC Protocol Approved as ISO 18000-6C
2006o.html#17 Gen 2 EPC Protocol Approved as ISO 18000-6C
aadsm25.htm#13 Sarbanes-Oxley is what you get when you don't do FC
2006o.html#35 the personal data theft pandemic continues
2006o.html#37 the personal data theft pandemic continues
2006o.html#40 the personal data theft pandemic continues
aadsm25.htm#16 Fraudwatch - Chip&PIN one-sided story, banks and deception and liability shifts
aadsm25.htm#18 Fraudwatch - Chip&PIN one-sided story, banks and deception and liability shifts
aadsm25.htm#20 Identity v. anonymity -- that is not the question
aadsm25.htm#21 Identity v. anonymity -- that is not the question
2006p.html#8 SSL, Apache 2 and RSA key sizes
aadsm25.htm#27 A note on vendor reaction speed to the e=3 problem
2006q.html#47 Smartcard reader with certificate inside the reader
aadsm25.htm#33 Mozilla moves on security
aadsm25.htm#38 How the Classical Scholars dropped security from the canon of Computer Science
aadsm25.htm#41 Why security training is really important (and it ain't anything to do with security!)
2006t.html#5 Are there more stupid people in IT than there used to be?
2006t.html#40 Encryption and authentication
2006u.html#43 New attacks on the financial PIN processing
aadsm26.htm#5 ATMs hacked using MP3 player
aadsm26.htm#6 Citibank e-mail looks phishy
2006v.html#2 New attacks on the financial PIN processing
aadsm26.htm#8 What is the point of encrypting information that is publicly visible?
2006v.html#13 Who has a Core Competency in Security?
2006v.html#26 Fighting Fraudulent Transactions
2006v.html#39 On sci.crypt: New attacks on the financial PIN processing
2006v.html#42 On sci.crypt: New attacks on the financial PIN processing
2006v.html#49 Patent buster for a method that increases password security
2006w.html#5 Patent buster for a method that increases password security
2006w.html#36 What does a patent do that copyright does not?
2006y.html#7 Securing financial transactions a high priority for 2007
2006y.html#25 "The Elements of Programming Style"
2007.html#0 Securing financial transactions a high priority for 2007
2007.html#17 SSL info
2007.html#28 Securing financial transactions a high priority for 2007
aadsm26.htm#18 SSL (https, really) accelerators for Linux/Apache?
2007.html#42 The logic of privacy
aadsm26.htm#20 Tamperproof, yet playing Tetris
2007b.html#12 Special characters in passwords was Re: RACF - Password rules
2007b.html#60 Securing financial transactions a high priority for 2007
2007b.html#61 Securing financial transactions a high priority for 2007
2007c.html#35 Securing financial transactions a high priority for 2007
2007c.html#36 Securing financial transactions a high priority for 2007
2007c.html#37 Securing financial transactions a high priority for 2007
2007c.html#43 Securing financial transactions a high priority for 2007
2007c.html#44 Securing financial transactions a high priority for 2007
2007c.html#46 Securing financial transactions a high priority for 2007
2007c.html#51 Securing financial transactions a high priority for 2007
aadsm26.htm#24 News.com: IBM donates new privacy tool to open-source Higgins
2007d.html#10 The logic of privacy
2007d.html#11 Securing financial transactions a high priority for 2007
2007d.html#12 One Time Identification, a request for comments/testing
aadsm26.htm#25 EV - what was the reason, again?
aadsm26.htm#27 man in the middle, SSL ... addenda
aadsm26.htm#29 News.com: IBM donates new privacy tool to open-source Higgins
aadsm26.htm#34 Failure of PKI in messaging
2007d.html#34 Mixed Case Password on z/OS 1.7 and ACF 2 Version 8
2007d.html#37 MAC and SSL
aadsm26.htm#36 New Credit Cards May Leak Personal Information
2007d.html#57 Which is the Fastest (Secure) Way to Exchange 256-bit Keys?
2007d.html#70 Securing financial transactions a high priority for 2007
2007e.html#12 Securing financial transactions a high priority for 2007
2007e.html#26 Securing financial transactions a high priority for 2007
2007e.html#61 Securing financial transactions a high priority for 2007
2007f.html#8 Securing financial transactions a high priority for 2007
2007f.html#31 Is that secure : <form action="https" from a local HTML page ?
2007f.html#75 Securing financial transactions a high priority for 2007
aadsm26.htm#42 "Dilemmas of Privacy and Surveillance" report launched
aadsm26.htm#43 Cost of an identity
2007g.html#15 T.J. Maxx data theft worse than first reported
2007g.html#19 T.J. Maxx data theft worse than first reported
aadsm26.htm#44 Governance of anonymous financial services
2007g.html#30 T.J. Maxx data theft worse than first reported
aadsm26.htm#48 Governance of anonymous financial services
aadsm26.htm#51 The One True Identity -- cracks being examined, filled, and rotted out from the inside
aadsm26.htm#55 The One True Identity -- cracks being examined, filled, and rotted out from the inside
2007h.html#22 sizeof() was': The Perfect Computer - 36 bits?
2007h.html#27 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#36 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#37 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#58 T.J. Maxx data theft worse than first reported
aadsm26.htm#61 crypto component services - is there a market?
2007h.html#63 T.J. Maxx data theft worse than first reported
2007i.html#17 John W. Backus, 82, Fortran developer, dies
2007i.html#23 John W. Backus, 82, Fortran developer, dies
2007i.html#55 John W. Backus, 82, Fortran developer, dies
2007i.html#64 John W. Backus, 82, Fortran developer, dies
2007i.html#65 John W. Backus, 82, Fortran developer, dies
2007i.html#66 John W. Backus, 82, Fortran developer, dies
2007i.html#74 public key password authentication
aadsm26.htm#66 More Tipping Point evidence - POS vendors sued
aadsm26.htm#70 WSJ: Soft evidence on a crypto-related breach
aadsm27.htm#0 H6.2 Most Standardised Security Protocols are Too Heavy
aadsm27.htm#1 H6.2 Most Standardised Security Protocols are Too Heavy
2007j.html#67 open source voting
2007k.html#53 My Dream PC -- Chip-Based
2007k.html#55 My Dream PC -- Chip-Based
aadsm27.htm#15 307 digit number factored
2007k.html#76 My Dream PC -- Chip-Based
2007l.html#8 John W. Backus, 82, Fortran developer, dies
2007l.html#16 John W. Backus, 82, Fortran developer, dies
2007l.html#35 My Dream PC -- Chip-Based
2007l.html#39 My Dream PC -- Chip-Based
2007l.html#41 My Dream PC -- Chip-Based
2007l.html#48 My Dream PC -- Chip-Based
aadsm27.htm#23 Identity resurges as a debate topic
2007l.html#70 nouns and adjectives
aadsm27.htm#26 A crazy thought?
aadsm27.htm#28 A crazy thought?
2007m.html#9 John W. Backus, 82, Fortran developer, dies
2007m.html#27 nouns and adjectives
2007m.html#31 nouns and adjectives
2007n.html#8 nouns and adjectives
2007n.html#9 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#31 The bank fraud blame game
aadsm27.htm#32 The bank fraud blame game
aadsm27.htm#34 The bank fraud blame game
aadsm27.htm#35 The bank fraud blame game
aadsm27.htm#37 The bank fraud blame game
2007n.html#52 Windows Monitor or CUSP?
aadsm27.htm#50 If your CSO lacks an MBA, fire one of you
aadsm27.htm#51 Know Your Enemy: Scott McNeally on security theater
aadsm27.htm#52 more on firing your MBA-less CSO
2007n.html#85 PCI Compliance - Encryption of all non-console administrative access
2007o.html#0 The Unexpected Fact about the First Computer Programmer
aadsm27.htm#60 Retailers try to push data responsibilities back to banks
2007q.html#11 what does xp do when system is copying
2007q.html#34 what does xp do when system is copying
2007q.html#72 Value of SSL client certificates?
2007r.html#21 Is the media letting banks off the hook on payment card security
2007r.html#24 How to tell a fake SSL certificate from a real one
2007r.html#26 The new urgency to fix online privacy
2007r.html#29 The new urgency to fix online privacy
2007r.html#32 Is the media letting banks off the hook on payment card security
20074.html#34 Is the media letting banks off the hook on payment card security
2007r.html#54 The new urgency to fix online privacy
2007r.html#61 The new urgency to fix online privacy
2007r.html#63 Translation of IBM Basic Assembler to C?
2007r.html#66 The new urgency to fix online privacy
2007s.html#6 ATMs
2007s.html#16 The new urgency to fix online privacy
2007s.html#55 Translation of IBM Basic Assembler to C?
2007t.html#3 Translation of IBM Basic Assembler to C?
2007t.html#5 Translation of IBM Basic Assembler to C?
2007t.html#6 Translation of IBM Basic Assembler to C?
2007t.html#28 'Man in the browser' is new threat to online banking
2007t.html#61 Crypto Related Posts
2007u.html#10 Crypto Related Posts
2007u.html#67 folklore indeed
2007u.html#76 folklore indeed
2007v.html#60 Credit Card Details
2007v.html#70 folklore indeed
2007v.html#74 folklore indeed
aadsm28.htm#1 2008: The year of hack the vote?
2007v.html#77 folklore indeed
2007v.html#79 folklore indeed
2007v.html#85 folklore indeed
2007v.html#86 folklore indeed
2007v.html#87 Data Breaches Soar In 2007
2007v.html#93 folklore indeed
2007v.html#94 folklore indeed
2008.html#7 folklore indeed
2008.html#8 folklore indeed
2008.html#9 folklore indeed
aadsm28.htm#5 Why Security Modelling doesn't work -- the OODA loop of today's battle
2008.html#67 File Transfer conundrum
aadsm28.htm#19 Lack of fraud reporting paths considered harmful
2008c.html#47 Data Erasure Products
aadsm28.htm#24 Fixing SSL (was Re: Dutch Transport Card Broken)
aadsm28.htm#26 Fixing SSL (was Re: Dutch Transport Card Broken)
2008c.html#89 Toyota Sales for 2007 May Surpass GM
2008c.html#90 Toyota Sales for 2007 May Surpass GM
2008d.html#3 Govt demands password to personal computer
2008d.html#88 The hands-free way to steal a credit card
aadsm28.htm#37 Attack on Brit retail payments -- some takeways
2008e.html#56 Any benefit to programming a RISC processor by hand?
2008e.html#66 independent appraisers
2008e.html#76 independent appraisers
aadsm28.htm#41 Trojan with Everything, To Go!
aadsm28.htm#42 Trojan with Everything, To Go!
2008f.html#44 Realistic dynamics of contactless
2008g.html#8 Hannaford case exposes holes in law, some say
2008g.html#17 Hannaford breach illustrates dangerous compliance mentality
2008g.html#27 Hannaford case exposes holes in law, some say
2008g.html#28 Hannaford case exposes holes in law, some say
2008h.html#4 You won't guess who's the bad guy of ID theft
aadsm28.htm#59 Information Security Vs. Businesss Resilience
aadsm28.htm#64 Seeking expert on credit card fraud prevention - particularly CNP/online transactions
aadsm28.htm#72 What are the current INNOVATIVE ICT Security Services, that are in demand or highly marketable at the moment
aadsm28.htm#75 Fun with Data Theft/Breach Numbers
2008h.html#86 What mode of payment you could think of with the advent of time?
2008i.html#24 Credit Card Fraud
2008i.html#42 "Security Breaches"
2008i.html#55 Is data classification the right approach to pursue a risk based information security program?
2008i.html#61 Could you please name sources of information you trust on RFID and/or other Wireless technologies?
2008i.html#70 Next Generation Security
2008i.html#83 Certificate Purpose
2008j.html#34 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#43 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#45 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#55 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008k.html#40 Calling Out
2008l.html#31 Authentication in the e-tailer / payment gateway / customer triangle
2008l.html#33 Authentication in the e-tailer / payment gateway / customer triangle
2008l.html#52 Payments Security in RFS
2008l.html#52 Quality of IBM school clock systems?
2008l.html#89 Fraud due to stupid failure to test for negative
2008m.html#0 Fraud due to stupid failure to test for negative
2008m.html#55 With all the highly publicised data breeches and losses, are we all wasting our time?
2008m.html#56 With all the highly publicised data breeches and losses, are we all wasting our time?
2008m.html#66 With all the highly publicised data breeches and losses, are we all wasting our time?
2008m.html#70 Why SSNs Are Not Appropriate for Authentication and when, where and why should you offer/use it?
2008m.html#71 TJ Maxx - why are they still in business?
2008m.html#72 What are security areas to be addressed before starting an e-commerce transaction or setting up a portal?
2008n.html#45 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#46 Mobile Payment/All-in-One Card
2008n.html#48 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#54 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#55 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#59 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#75 Should online transactions be allowed on credit cards without adequate safeguards?
2008n.html#90 Credit Card Security
2008o.html#2 Credit Card Security
2008o.html#13 What risk of possible data leakage do you see for your organization?
2008o.html#16 Is Information Security driven by compliance??
2008o.html#17 what will be a wow feature in a credit card
2008o.html#22 What risk of possible data leakage do you see for your organization?
2008o.html#47 Will cards with PayPass (from MasterCard) be using CHIP & PIN in the future?
2008o.html#60 Biometric Credit cards
2008o.html#70 What happened in security over the last 10 years?
2008o.html#76 Blinkenlights
2008p.html#2 Keeping private information private
2008p.html#5 Privacy, Identity theft, account fraud
2008p.html#7 Dealing with the neew MA ID protection law
2008p.html#10 Strings story
2008p.html#11 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#14 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#15 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#18 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#19 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#21 Would you say high tech authentication gizmo's are a waste of time/money/effort?
2008p.html#22 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#23 Your views on the increase in phishing crimes such as the recent problem French president Sarkozy faces
2008p.html#28 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#38 How do group members think the US payments business will evolve over the next 3 years?
2008p.html#44 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#46 Would you say high tech authentication gizmo's are a waste of time/money/effort?
2008p.html#55 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#67 Web Security hasn't moved since 1995
2008p.html#74 2008 Data Breaches: 30 Million and Counting
2008q.html#0 GPG
2008r.html#2 Payment Card + Digital Signature
2008r.html#23 What is the level of security in payment systems (credit and bank cards) nowadays?
2008r.html#53 21 million German bank account details on black market
2008s.html#1 PCI's Bob Russo: Data loss hurts brand more than a fine
2008s.html#10 Data leakage - practical measures to improve Information Governance
2008s.html#26 Combining EMV and eID on a payment card?
2008s.html#50 Perfect MITM Attacks With No-Check SSL
2008s.html#63 Garbage in, garbage out trampled by Moore's law
2009.html#7 Swedish police warn of tampered credit card terminals
2009.html#10 Swedish police warn of tampered credit card terminals
2009.html#11 Swedish police warn of tampered credit card terminals
2009.html#25 Wrong Instrument for Recurring Payments
2009.html#34 Swedish police warn of tampered credit card terminals
2009.html#60The 25 Most Dangerous Programming Errors
2009.html#62 IRS Mainframe Not Secure Enough
2009.html#78 Double authentification for internet payment
2009b.html#6 US credit card payment house breached by sniffing malware
009b.html#13 US credit card payment house breaches by sniffing malware
2009b.html#14 question about ssh-keygen with empty passphrase
2009b.html#28 Online-Banking Authentication
2009b.html#29 is privacy a security attribute(component or ?). If yes, why? If no why not?
2009b.html#50 Cellphones as Credit Cards? Americans Must Wait
2009b.html#62 Study: Data breaches continue to get more costly for businesses
2009c.html#25 Crypto Craft Knowledge
2009c.html#56 Why use RFID in personal documents & cards at all?
2009d.html#6 Heartland Data Breach Update: Now More Than 150 Institutions Impacted
2009d.html#38 Internet threat: Hackers swarm bank accounts
2009d.html#41 Return of the Smart Card?
2009d.html#47 Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?
2009d.html#69 PCI Compliance
2009d.html#76 1960 Western Union Facsimile Services
2009e.html#15 The background reasons of Credit Crunch
2009e.html#21 ATMs At Risk
2009f.html#7 An interesting take on Verified by Visa Policy
2009f.html#46 Who moved my payment?
2009f.html#67 Just posted third article about toxic assets in a series on the current financial crisi
2009f.html#10 Top 10 Cybersecurity Threats for 2009, will they cause creation of highly-secure Corporate-wide Intranets?
2009g.html#23 Architectural Diversity
2009g.html#26 Architectural Diversity
2009g.html#29 Transparency and Visibility
2009g.html#57 LexisNexis says its data was used by fraudsters
2009g.html#62 Solving password problems one at a time, Re: The password-reset paradox
2009g.html#63 New standard for encrypting card data in the works; backers include Heartland
2009g.html#64 What happened to X9.59?
2009h.html#8 Supercomputers and electronic commerce
2009h.html#69 How practically risky is it to use unsecured IMAP
2009i.html#12 Latest Pilot Will Put Online PIN Debit to the Test for Credit Unions
2009i.html#14 Online Banking’s Innate Security Flaws
2009i.html#23 Why are z/OS people reluctant to use z/OS UNIX? (Are settlements a good argument for overnight batch COBOL ?)
2009i.html#53 Merchant Groups Ask for Broad Changes in Letter to PCI's Overseer
2009i.html#70 A Guide for Full Field Background Checks
2009j.html#11 Is anyone aware of a system that offers three layers of security and ID protection for online purchases or even over the counter POS purchases?
2009j.html#13 PCI SSC Seeks Input on Security Standards
2009j.html#20 Kaminsky interview: DNSSEC addresses cross-organizational trust and security
2009j.html#23 Database Servers: Candy For Hackers
2009j.html#33 IBM touts encryption innovation
2009j.html#41 How can we stop Credit card FRAUD?
2009j.html#48 Replace the current antiquated credit card system
2009j.html#50 How can we stop Credit card FRAUD?
2009j.html#56 Replace the current antiquated credit card system
2009k.html#25 Don't Take Fraud Out of Context
2009k.html#54 The satate of software
2009k.html#60 The satate of software
2009k.html#77 Cyber attackers empty business accounts in minutes
2009l.html#6 Cyber attackers empty business accounts in minutes
2009l.html#50 Hacker charges also an indictment on PCI, expert says
2009l.html#53 Hacker charges also an indictment on PCI, expert says
2009l.html#62 Client Certificate UI for Chrome? -- OT anonymous-transaction
2009m.html#4 Hacker charges also an indictment on PCI, expert says
2009m.html#13 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009m.html#40 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009m.html#45 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009m.html#49 Hacker charges also an indictment on PCI, expert says
2009m.html#51 Chip with PIN or Chip with signature
2009m.html#86 Voltage SecureData Now Provides Distributed End-to-End Encryption of Sensitive Data
2009n.html#4 Voltage SecureData Now Provides Distributed End-to-End Encryption of Sensitive Data
2009n.html#7 Some companies are selling the idea that you can use just a (prox) physical access badge (single factor) for logical access as acceptable
2009n.html#26 Signature specification without certificates
2009n.html#36 The Compliance Spectrum...Reducing PCI DSS Scope
2009n.html#71 Sophisticated cybercrooks cracking bank security efforts
2009o.html#54 Should SSL be enabled on every website?
2009o.html#66 Need for speedy cryptography
2009p.html#14 Heartland CIO is critical of First Data's credit card tokenization plan
2009p.html#58 MasPar compiler and simulator
2009p.html#72 Crypto dongles to secure online transactions
2009p.html#75 What's old is new again
2009q.html#54 Crypto dongles to secure online transactions
2009q.html#71 Trade Secrets and Confidential Information
2009q.html#75 Now is time for banks to replace core system according to Accenture
2009r.html#10 70 Years of ATM Innovation
2009r.html#16 70 Years of ATM Innovation
2009r.html#19 Scammers scrape RAM for bank card data
2009r.html#29 Data Breaches Show PCI DSS Ineffective
2009r.html#55 Verizon report goes deep inside data breach investigations
2009s.html#39 Six Months Later, MasterCard Softens a Controversial PCI Rule
2009s.html#47 Audits VII: the future of the Audit is in your hands
2010b.html#12 Korean bank Moves back to Mainframes (...no, not back)
2010b.html#15 security and online banking
2010b.html#69 Happy DEC-10 Day
2010e.html#45 PCI tokenization push promising but premature, experts say
2010f.html#19 Should the USA Implement EMV?
2010f.html#25 Should the USA Implement EMV?
2010f.html#26 Should the USA Implement EMV?
2010f.html#56 Handling multicore CPUs; what the competition is thinking
2010f.html#75 Is Security a Curse for the Cloud Computing Industry?
2010f.html#92 Why do most websites use HTTPS only while logging you in...and not for the entire session?
2010g.html#21 Should the USA Implement EMV?
2010g.html#84 In SSL We Trust? Not Lately
2010h.html#1 In SSL We Trust? Not Lately
2010h.html#25 In SSL We Trust? Not Lately
2010h.html#26 In SSL We Trust? Not Lately
2010h.html#54 Trust Facade
2010h.html#69 Idiotic programming style edicts
2010i.html#25 Retailers blamed for making people vulnerable to credit card fraud and ID theft
2010i.html#58 Cyber Self Defense: Reduce Your Attack Surface
2010i.html#62 blasts from the past -- old predictions come true
2010j.html#0 Wal-Mart to support smartcard payments
2010k.html#5 The Attacker's Advantage
2010k.html#14 taking down the machine - z9 series
2010l.html#59 A mighty fortress is our PKI
2010l.html#70 A slight modification of my comments on PKI
2010l.html#71 A slight modification of my comments on PKI
2010l.html#72 A slight modification of my comments on PKI
2010l.html#79 Five Theses on Security Protocols
2010l.html#82 Five Theses on Security Protocols
2010m.html#2 Five Theses on Security Protocols
2010m.html#6 Five Theses on Security Protocols
2010m.html#7 GSM eavesdropping
2010m.html#19 AT&T, Verizon to Target Visa, MasterCard With Phones
2010m.html#29 Are we spending too little on security? Or are we spending too much??
2010m.html#30 AT&T, Verizon to Target Visa, MasterCard With Phones
2010m.html#31 Are we spending too little on security? Or are we spending too much??
2010m.html#38 U.K. bank hit by massive fraud from ZeuS-based botnet
2010m.html#56 About that "Mighty Fortress"... What's it look like?
2010m.html#57 Has there been a change in US banking regulations recently
2010m.html#64 How Safe Are Online Financial Transactions?
2010m.html#65 How Safe Are Online Financial Transactions?
2010n.html#1 zSecurity blog post - "READ is not benign"
2010n.html#4 zSecurity blog post - "READ is not benign"
2010n.html#5 Cyber criminals seek 'full' sets of credentials that trade for only a few pounds
2010n.html#23 Credit Card with a Computer Inside
2010n.html#25 Will new card innovation help interchange and improve retention?
2010n.html#28 Will new card innovation help interchange and improve retention?
2010n.html#44 Who are these people who think cybersecurity experts are crying wolf?
2010n.html#47 ZeuS attacks mobiles in bank SMS bypass scam
2010n.html#52 Who are these people who think cybersecurity experts are crying wolf?
2010n.html#72 When Merchants Get Rid Of Cardholder Data
2010o.html#9 On Scope Scrinkage in PCI DSS
2010o.html#23 Spooky Myths that Trick Merchants When It Comes to Secure Payments Processes
2010o.html#36 Cookies Are Dead in the Fight Against Fraud
2010o.html#46 The Credit Card Criminals Are Getting Crafty
2010o.html#49 The Credit Card Criminals Are Getting Crafty
2010o.html#50 The Credit Card Criminals Are Getting Crafty
2010o.html#51 The Credit Card Criminals Are Getting Crafty
2010o.html#54 The Credit Card Criminals Are Getting Crafty
2010o.html#56 The Credit Card Criminals Are Getting Crafty
2010o.html#65 They always think we don't understand
2010o.html#67 CARD AUTHENTICATION TECHNOLOGY - Embedded keypad on Card - Is this the future
2010o.html#77 The Credit Card Criminals Are Getting Crafty
2010o.html#82 CARD AUTHENTICATION TECHNOLOGY - Embedded keypad on Card - Is this the future
2010p.html#0 CARD AUTHENTICATION TECHNOLOGY - Embedded keypad on Card - Is this the future
2010p.html#3 The Credit Card Criminals Are Getting Crafty
2010p.html#5 Fun with ATM Skimmers, Part III
2010p.html#25 CARD AUTHENTICATION TECHNOLOGY - Embedded keypad on Card - Is this the future
2010p.html#40 The Great Cyberheist
2011b.html#11 Credit cards with a proximity wifi chip can be as safe as walking around with your credit card number on a poster
2011b.html#36 Internal Fraud and Dollar Losses
2011f.html#14 How is SSL hopelessly broken? Let us count the ways
2011f.html#25 Fear the Internet, was Cool Things You Can Do in z/OS
2011g.html#18 Fight Fraud with Device ID
2011g.html#23 Fight Fraud with Device ID
2011h.html#5 Home prices may drop another 25%, Shiller predicts
2011h.html#9 Breaches and Consumer Backlash
2011h.html#21 Eurofighter v F16
2011j.html#59 Why did the OODA-loop tactic grow into a strategy?
2011k.html#33 50th anniversary of BASIC, COBOL? (warning: unusually violentthread drift)
2011k.html#37 50th anniversary of BASIC, COBOL?
2011l.html#47 Does outsourcing cause data loss?
2011l.html#72 Selectric Typewriter--50th Anniversary
2011m.html#7 Selectric Typewriter--50th Anniversary
2011n.html#7 Founders of SSL Call Game Over?
2011n.html#15 Wicked Problems
2011n.html#47 PCI and the Insider Threat
2011o.html#1 Silicoin
2011o.html#13 Two-Factor Authentication - Hardware token or SMS OTP
2011p.html#48 Hello?
2012.html#65 Reject gmail
2012.html#91 Has anyone successfully migrated off mainframes?
2012b.html#3 Why Threat Modelling fails in practice
2012b.html#10 Cloud apps placed well in the economic cycle
2012b.html#36 RFC6507 Ellipitc Curve-Based Certificateless Signatures
2012b.html#71 Password shortcomings
2012b.html#94 public key, encryption and trust
2012d.html#8 Time to pull the PIN!
2012d.html#26 Can SSL Certificate Checking System Be Saved?
2012d.html#49 Do you know where all your sensitive data is located?
2012e.html#31 PC industry is heading for more change
2012e.html#32 Visa, MasterCard warn of 'massive' security breach
2012g.html#11 There's Not an App for That: When Will Our Smartphones Be Recongized as Valid Forms of ID?
2012i.html#35 US Senate proposes national data breach notification act
2012j.html#61 The Myth of Password Complexity & Frequent Change Rules
2012m.html#10 Does the IBM System z Mainframe rely on Security by Obscurity or is it Secure by Design
2012n.html#67 history of Programming language and CPU in relation to each other
2012n.html#75 history of Programming language and CPU in relation to each other
2012o.html#0 history of Programming language and CPU in relation to each other
2012o.html#23 Does the IBM System z Mainframe rely on Security by Obscurity or is it Secure by Design?
2012o.html#50 What will contactless payment do to security?
2021p.html#28 Some interesting post about the importance of Security and what it means for the Mainframe
2013c.html#2 Legal Lessons from PATCO Fraud Case
2013c.html#34 The United States is leaking 1TB of data daily to foreign countries
2013c.html#82 Retailer Sues Visa Over $13 Million "Fine" for Being Hacked
2013c.html#85 Digital Certificates Hide Malware
2013f.html#9 What Makes an Architecture Bizarre?
2013f.html#47 Pirate Bay co-founder charged with hacking IBM mainframes, stealing money
2013f.html#70 How internet can evolve
2013g.html#40 The Vindication of Barb
2013g.html#90 Experts: Network security deteriorating, privacy a lost cause
2013h.html#22 Check out Moto X: Motorola reveals plans for ink and even pills to replace AL
2013j.html#21 8080 BASIC
2013j.html#33 8080 BASIC
2013j.html#45 U.S. agents 'got lucky' pursuing accused Russia master hackers
2013j.html#46 Feds indict indentity theft ring
2013m.html#10 "NSA foils much internet encryption"
2013n.html#12 How the IETF plans to protect the web from NSA snooping
2013o.html#50 Secret contract tied NSA and security industry pioneer
2013o.html#52 Secret contract tied NSA and security industry pioneer
2013o.html#59 Target breach likely involved inside knowledge, experts say
2013o.html#66 Target breach likely involved inside knowledge, experts say
2013o.html#67 What Chase And Other Banks Won't Tell You About Selling Your Data
2013o.html#79 Would Target cybersecurity breach occur with a digital ID system?
2014.html#65 Washington Post on Target store data thefts
2014.html#77 In a Cyber Breach, Who Pays, Banks or Retailers?
2014b.html#22 Royal Pardon For Turing
2014c.html#33 Royal Pardon For Turing
2014d.html#3 Let's Face It--It's the Cyber Era and We're Cyber Dumb
2014d.html#9 NSA chief criticises media and suggests UK was right to detain David Miranda
2014d.html#13 Royal Pardon For Turing
2014d.html#40 Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It
2014d.html#102 How the IETF plans to protect the web from NSA snooping
2014e.html#6 Credit Card Breach at California DMV Provides Yet Another Warning of Cyber Insecurities
2014e.html#27 TCP/IP Might Have Been Secure From the Start If Not For the NSA
2014e.html#64 How the IETF plans to protect the web from NSA snooping
2014e.html#78 How the Internet wasn't Commercial Dataprocessing
2014f.html#17 Online Debit, Credit Fraud Will Soon Get Much Worse
2014f.html#19 Is cybersecurity the next banking crisis in the making?
2014f.html#70 Obama Administration Launches Plan To Make An "Internet ID" A Reality
2014f.html#74 Is end of mainframe near ?
2014g.html#17 Is it time for a revolution to replace TLS?
2014g.html#37 Special characters for Passwords
2014h.html#67 Sale receipt--obligatory?
2014i.html#61 A computer at home?
2014j.html#78 Firefox 32 supports Public Key Pinning
2014k.html#14 Cyberspace KISS
2014k.html#56 LA Times commentary: roll out "smart" credit cards to deter fraud

top, by subject: technology, networking, public key, integrity, Boyd - home


Misc. Relying Party Certificates

aadsmail.htm#perform AADS & X9.59 performance and algorithm key sizes
aadsmore.htm#hcrl3 Huge CRLs
aadsmore.htm#vpki valid PKIs
aadsmore.htm#killer0 Killer PKI Applications
aadsmore.htm#scanon Smartcard anonymity patents
aadsmore.htm#pressign President Clinton digital signing
aadsmore.htm#client3 Client-side revocation checking capability
aadsmore.htm#client4 Client-side revocation checking capability
aadsm2.htm#scale Scale (and the SRV record)
aadsm2.htm#inetpki A PKI for the Internet (was RE: Scale (and the SRV
aadsm2.htm#integrity Scale (and the SRV record)
aadsm2.htm#account A different architecture? (was Re: certificate path
aadsm2.htm#privacy Identification and Privacy are not Antinomies
aadsm2.htm#mauthauth Human Nature
aadsm2.htm#stall EU digital signature initiative stalled
aadsm2.htm#techno digital signatures, technology experiments, and service operations
aadsm3.htm#cstech6 cardtech/securetech & CA PKI
aadsm3.htm#kiss1KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss4KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss5 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm4.htm#4 Public Key Infrastructure: An Artifact...
aadsm4.htm#6 Public Key Infrastructure: An Artifact...
aadsm4.htm#7 Public Key Infrastructure: An Artifact...
aadsm4.htm#9 Thin PKI won - You lost
aadsm5.htm#x959 X9.59 Electronic Payment Standard
aadsm5.htm#shock revised Shocking Truth about Digital Signatures
aadsm5.htm#shock2 revised Shocking Truth about Digital Signatures
aadsm5.htm#liex509 Lie in X.BlaBla...
aadsm5.htm#pkimort PKI: Evolve or Die
aadsm5.htm#spki Simple PKI
aadsm5.htm#spki2 Simple PKI
aadsm5.htm#spki3 Simple PKI
aadsm5.htm#spki4 Simple PKI
aadsm6.htm#echeck Electronic Checks
aadsm7.htm#pcards4 The end of P-Cards?
aadsm7.htm#rhose10 when a fraud is a sale, Re: Rubber hose attack
aadsm7.htm#rhose11 when a fraud is a sale, Re: Rubber hose attack
aadsm8.htm#softpki4 Software for PKI
aadsm8.htm#softpki8 Software for PKI
aadsm8.htm#softpki9 Software for PKI
aadsm8.htm#softpki11 Software for PKI
aadsm8.htm#softpki19 DNSSEC (RE: Software for PKI)
aadsm9.htm#softpki23 Software for PKI
aadsm9.htm#carnivore Shades of FV's Nathaniel Borenstein: Carnivore's "Magic Lantern"
aadsm9.htm#pkcs12d A PKI Question: PKCS11-> PKCS12
aadsm9.htm#cfppki CFP: PKI research workshop
aadsm9.htm#cfppki4 CFP: PKI research workshop
aadsm9.htm#cfppki5 CFP: PKI research workshop
aadsm9.htm#cfppki8 CFP: PKI research workshop
aadsm9.htm#cfppki9 CFP: PKI research workshop
aepay2.htm#fed Federal CP model and financial transactions
aepay2.htm#cadis disaster recovery cross-posting
aepay3.htm#votec (my) long winded observations regarding X9.59 & XML, encryption and certificates
aepay3.htm#openclose open CADS and closed AADS
aepay3.htm#aadsrel1 AADS related information
aepay3.htm#aadsrel2 AADS related information ... summary
aepay3.htm#x959discus X9.59 discussions at X9A & X9F
aepay4.htm#comcert11 Merchant Comfort Certificates
aepay6.htm#dsdebate Digital Signatures Spark Debate
aepay6.htm#crlwork do CRL's actually work?
aepay6.htm#dspki2 use of digital signatures and PKI
aepay6.htm#dspki3 use of digital signatures and PKI (addenda)
aepay6.htm#dspki4 use of digital signatures and PKI (addenda)
aepay6.htm#userauth2 MS masters NC mind-set (authentication is the key)
aadsm11.htm#8 Meaning of Non-repudiation
aadsm11.htm#9 Meaning of Non-repudiation
aadsm11.htm#11 Meaning of Non-repudiation
aadsm11.htm#18 IBM alternative to PKI?
aadsm11.htm#19 IBM alternative to PKI?
aadsm11.htm#21 IBM alternative to PKI?
aadsm11.htm#25 Proxy PKI. Was: IBM alternative to PKI?
aadsm11.htm#39 ALARMED ... Only Mostly Dead ... RIP PKI .. addenda
aadsm11.htm#40 ALARMED ... Only Mostly Dead ... RIP PKI ... part II
aadsm12.htm#6 NEWS: 3D-Secure and Passport
aepay10.htm#31 some certification & authentication landscape summary from recent threads
aepay10.htm#35 some certification & authentication landscape summary from recent threads
aepay10.htm#37 landscape & p-cards
98.html#41 AADS, X9.59, & privacy
99.html#226 Attacks on a PKI
99.html#228 Attacks on a PKI
2000.html#36 "Trusted" CA - Oxymoron?
2000.html#40 "Trusted" CA - Oxymoron?
2000.html#41 "Trusted" CA - Oxymoron?
2000.html#57 RealNames hacked. Firewall issues.
2000b.html#40 general questions on SSL certificates
2000b.html#93 Question regarding authentication implementation
2000e.html#41 Why trust root CAs ?
2000f.html#15 Why trust root CAs ?
2000f.html#72 SET; was Re: Why trust root CAs ?
2001c.html#56 PKI and Non-repudiation practicalities
2001c.html#57 PKI and Non-repudiation practicalities
2001c.html#58 PKI and Non-repudiation practicalities
2001c.html#60 PKI and Non-repudiation practicalities
2001c.html#72 PKI and Non-repudiation practicalities
2001c.html#73 PKI and Non-repudiation practicalities
2001c.html#79 Q: ANSI X9.68 certificate format standard
2001d.html#7 Invalid certificate on 'security' site.
2001d.html#20 What is PKI?
2001e.html#35 Can I create my own SSL key?
2001e.html#46 Can I create my own SSL key?
2001f.html#77 FREE X.509 Certificates
2001f.html#79 FREE X.509 Certificates
2001g.html#21 Root certificates
2001g.html#40 Self-Signed Certificate
2001g.html#64 PKI/Digital signature doesn't work
2001g.html#65 PKI/Digital signature doesn't work
2001g.html#68 PKI/Digital signature doesn't work
2001h.html#0 PKI/Digital signature doesn't work
2001h.html#3 PKI/Digital signature doesn't work
2001h.html#7 PKI/Digital signature doesn't work
2001i.html#16 Net banking, is it safe???
2001k.html#0 Are client certificates really secure?
2001n.html#57 Certificate Authentication Issues in IE and Verisign
2001n.html#73 A PKI question and an answer
2002b.html#25 Question about root CA authorities
2002d.html#39 PKI Implementation
2002e.html#49 PKI and Relying Parties
2002e.html#52 PKI and Relying Parties
2002e.html#56 PKI and Relying Parties
2002e.html#72 Digital certificate varification
2002f.html#57 IBM competes with Sun w/new Chips
2002g.html#32 Secure Device Drivers
aadsm12.htm#27 Employee Certificates - Security Issues
aadsm12.htm#28 Employee Certificates - Security Issues
aadsm12.htm#29 Employee Certificates - Security Issues
2002i.html#72 A Lesson In Security
2002k.html#57 History of AOL
2002l.html#71 Faster seeks (was Re: Do any architectures use instruction
2002m.html#17 A new e-commerce security proposal
2002m.html#20 A new e-commerce security proposal
2002m.html#36 (OT) acceptance of technology, was: Convenient and secure
2002m.html#55 Beware, Intel to embed digital certificates in Banias
2002n.html#8 Tweaking old computers?
2002n.html#13 Help! Good protocol for national ID card?
2002n.html#30 Help! Good protocol for national ID card?
2002n.html#44 public-key cryptography impossible?
2002o.html#57 Certificate Authority: Industry vs. Government
2002o.html#67 smartcard+fingerprint
aadsm12.htm#32 Employee Certificates - Security Issues
aadsm12.htm#39 Identification = Payment Transaction?
aadsm12.htm#41 I-D ACTION:draft-ietf-pkix-sim-00.txt
aadsm12.htm#42 draft-ietf-pkix-warranty-extn-01.txt
aadsm12.htm#43 draft-ietf-pkix-warranty-extn-01.txt
aadsm12.htm#45 draft-ietf-pkix-warranty-extn-01.txt
aadsm12.htm#48 draft-ietf-pkix-warranty-extn-01.txt
aadsm12.htm#49 draft-ietf-pkix-warranty-extn-01.txt
aadsm12.htm#52 First Data Unit Says It's Untangling Authentication
aadsm12.htm#53 TTPs & AADS Was: First Data Unit Says It's Untangling Authentication
aadsm12.htm#54 TTPs & AADS Was: First Data Unit Says It's Untangling Authentication
2002p.html#21 Cirtificate Authorities 'CAs', how curruptable are they to
aadsm14.htm#20 Payments as an answer to spam (addenda)
2003i.html#1Two-factor authentication with SSH?
aepay11.htm#68 Confusing Authentication and Identiification?
aepay11.htm#71 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)
aadsm14.htm#48 basic question: semantics of "map", "tie", etc in PKI
2003k.html#66 Digital signature and Digital Certificate
2003l.html#33 RSA vs AES
2003m.html#49 public key vs passwd authentication?
aadsm15.htm#33 VS: On-line signature standards
2003p.html#17 Does OTP need authentication?
aadsm16.htm#16 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
aadsm16.htm#21 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
aadsm17.htm#9 Setting X.509 Policy Data in IE, IIS, Outlook
2004b.html#25 Who is the most likely to use PK?
aadsm17.htm#12 A combined EMV and ID card
2004d.html#7 Digital Signature Standards
aadsm17.htm#16 PKI International Consortium
aadsm17.htm#18 PKI International Consortium
aadsm17.htm#19 PKI International Consortium
aadsm17.htm#23 PKI International Consortium
aadsm17.htm#26 privacy, authentication, identification, authorization
aadsm17.htm#27 Re:Identity Firewall. l PKI International Consortium
2004e.html#20 Soft signatures
aadsm17.htm#34 The future of security
2004f.html#13 racf
2004g.html#5 Adding Certificates
aadsm17.htm#41 Yahoo releases internet standard draft for using DNS as public key server
aadsm17.htm#53 Using crypto against Phishing, Spoofing and Spamming
2004h.html#13Two-factor Authentication Options?
2004h.html#14Two-factor Authentication Options?
aadsm18.htm#5 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#7 Using crypto against Phishing, Spoofing and Spamming
2004j.html#7 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#8 New Method for Authenticated Public Key Exchange without Digita Certificates
aadsm18.htm#27 EMV cards as identity cards
aadsm18.htm#29 EMV cards as identity cards
aadsm18.htm#31 EMV cards as identity cards
2004m.html#4 REVIEW: "Biometrics for Network Security", Paul Reid
2004m.html#23 Help! I'm trying to understand PKI - especially CA's role
2005c.html#52 A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)
aadsm18.htm#55 MD5 collision in X509 certificates
2005e.html#22 PKI: the end
2005e.html#38 xml-security vs. native security
2005e.html#45 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
aadsm19.htm#8 GeoTrust says existing PKI practices are worthless
2005f.html#62 single-signon with X.509 certificates
2005g.html#45 Maximum RAM and ROM for smartcards
2005h.html#25 couple more Q's on basic public key encryption techniques
2005h.html#27 How do you get the chain of certificates & public keys securely
aadsm19.htm#11 EuroPKI 2005 - Call for Participation
2005i.html#4 Authentication - Server Challenge
2005i.html#7 Improving Authentication on the Internet
aadsm19.htm#33 Digital signatures have a big problem with meaning
aadsm19.htm#40 massive data theft at MasterCard processor
2005k.html#60 The Worth of Verisign's Brand
2005l.html#7 Signing and bundling data using certificates
2005l.html#12 The Worth of Verisign's Brand
2005l.html#25 PKI Crypto and VSAM RLS
2005l.html#29 Importing CA certificate to smartcard
2005l.html#33 More Phishing scams, still no SSL being used
2005l.html#35 More Phishing scams, still no SSL being used
aadsm19.htm#45 payment system fraud, etc
aadsm20.htm#0 the limits of crypto and authentication
aadsm20.htm#5 the limits of crypto and authentication
2005m.html#15 Course 2821; how this will help for CISSP exam ?
aadsm20.htm#11 the limits of crypto and authentication
2005n.html#33 X509 digital certificate for offline solution
2005n.html#39 Uploading to Asimov
2005n.html#51 IPSEC and user vs machine authentication
2005o.html#2 X509 digital certificate for offline solution
aadsm20.htm#32 How many wrongs do you need to make a right?
2005o.html#31 Is symmetric key distribution equivalent to symmetric key generation?
2005o.html#41 Certificate Authority of a secured P2P network
aadsm20.htm#38 Another entry in the internet security hall of shame
aadsm20.htm#39 Another entry in the internet security hall of shame
aadsm20.htm#40 Another entry in the internet security hall of shame
aadsm20.htm#42 Another entry in the internet security hall of shame
aadsm21.htm#2 Another entry in the internet security hall of shame
2005q.html#13 IPSEC with non-domain Server
2005q.html#23 Logon with Digital Siganture (PKI/OCES - or what else they're called)
2005r.html#54 NEW USA FFIES Guidance
2005s.html#43 P2P Authentication
2005s.html#52 TTP and KCM
2005t.html#6 phishing web sites using self-signed certs
2005t.html#32 RSA SecurID product
2005t.html#52 PGP Lame question
2005u.html#19 Identity and Access Management (IAM)
aadsm22.htm#3 GP4.3 - Growth and Fraud - Case #3 - Phishing
2006b.html#37 X.509 and ssh
2006c.html#34 X.509 and ssh
2006e.html#8 Beginner's Pubkey Crypto Question
2006f.html#15 trusted certificates and trusted repositories
2006f.html#16 trusted repositories and trusted transactions
2006f.html#29 X.509 and ssh
2006f.html#31 X.509 and ssh
aadsm23.htm#14 Shifting the Burden - legal tactics from the contracts world
2006i.html#13 Multi-layered PKI implementation
2006i.html#13 Multi-layered PKI implementation
aadsm23.htm#29 JIBC April 2006 - "Security Revisionism"
aadsm23.htm#51 Status of opportunistic encryption
aadsm25.htm#20 Identity v. anonymity -- that is not the question
aadsm25.htm#32 On-card displays
aadsm25.htm#46 Flaw exploited in RFID-enabled passports
2006v.html#49 Patent buster for a method that increases password security
2006y.html#13 Your data private? Access all areas is on the cards
2007.html#15 SSL info
2007.html#17 SSL info
2007.html#34 SSL info
2007b.html#61 Securing financial transactions a high priority for 2007
aadsm26.htm#24 News.com: IBM donates new privacy tool to open-source Higgins
2007d.html#10 The logic of privacy
aadsm26.htm#27 man in the middle, SSL ... addenda
2007h.html#20 sizeof() was: The Perfect Computer - 36 bits?
aadsm26.htm#61 crypto component services - is there a market?
2007k.html#79 John W. Backus, 82, Fortran developer, dies
2007l.html#9 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#23 Identity resurges as a debate topic
aadsm27.htm#26 A crazy thought?
aadsm27.htm#35 The bank fraud blame game
2007n.html#46 Windows Monitor or CUSP?
2007n.html#63 Poll: oldest computer thing you still use
aadsm27.htm#51 Know Your Enemy: Scott McNeally on security theater
aadsm27.htm#52 more on firing your MBA-less CSO
2007q.html#5 Windows Live vs Kerberos
2007q.html#24 what does xp do when system is copying
2007q.html#72 Value of SSL client certificates?
2007r.html#26 The new urgency to fix online privacy
2007s.html#51 Translation of IBM Basic Assembler to C?
aadsm28.htm#20 Fixing SSL (was Re: Dutch Transport Card Broken)
aadsm28.htm#48 World's biggest PKI goes open source: DogTag is released
2008i.html#93 Certificate Purpose
2009k.html#72 Client Certificate UI for Chrome?
2009l.html#62 Client Certificate UI for Chrome? -- OT anonymous-transaction
2010b.html#69 Happy DEC-10 Day
2010l.html#58 A mighty fortress is our PKI

top, by subject: technology, networking, public key, integrity, Boyd - home


Kerberos and/or pk-init

aadsm2.htm#pkikrb PKI/KRB
aadsm3.htm#cstech cardtech/securetech & CA PKI
aadsm3.htm#cstech2 cardtech/securetech & CA PKI
aepay10.htm#31 some certification & authentication landscape summary from recent threads
aepay10.htm#32 some certification & authentication landscape summary from recent threads
aepay10.htm#33 pk-init draft (not yet a RFC)
aepay10.htm#39 Microsoft Trustbridge ... Kerberos (tickets) support
aepay10.htm#65 eBay Customers Targetted by Credit Card Scam
aepay10.htm#66 eBay Customers Targetted by Credit Card Scam
aadsm11.htm#39 ALARMED ... Only Mostly Dead ... RIP PKI .. addenda
aadsm11.htm#40 ALARMED ... Only Mostly Dead ... RIP PKI ... part II
aadsm12.htm#4 NEWS: 3D-Secure and Passport
aadsm12.htm#5 NEWS: 3D-Secure and Passport
aadsm12.htm#51 Frist Data Unit Says It's Untangling Authentication
aadsm12.htm#66 Subpoena Sidelines PKI Project
aepay11.htm#1 Sun releases Liberty-enabled software
2001d.html#46 anyone have digital certificates sample code
2001e.html#56 Need explaination of PKI and Kerberos
2001k.html#10 HP-UX will not be ported to Alpha (no surprise)exit
2002i.html#54 Unisys A11 worth keeping?
2002j.html#40 Beginner question on Security
2002j.html#60 How to map a user account to a digital cert?
2002l.html#3 why is Kerberos better than this simpler replacement
2002l.html#4 why is Kerberos better than this simpler replacement
2002l.html#39 Moore law
2002l.html#62 Itanium2 performance data from SGI
2002o.html#40 I found the Olsen Quote
2002o.html#42 use of RADIUS
2002p.html#22 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#52 Cirtificate Authorities 'CAs', how curruptable are they to
2002q.html#17 Difference between AAA and Radius?
2003.html#46 Horror stories: high system call overhead
2003.html#50 Origin of Kerberos
2003b.html#49 Authentication w/o user ids and passwords
2003b.html#65 Storing digital IDs on token for use with Outlook
aadsm13.htm#16 A challenge
aadsm13.htm#38 The case against directories
aadsm14.htm#6 The case against directories
2003h.html#55 PKINIT
2003j.html#25 Idea for secure login
aepay11.htm#70 Confusing Authentication and Identiification? (addenda)
2003n.html#16 log on windows xp with smartcard
2003n.html#35 ftp authentication via smartcard
aadsm16.htm#19 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
aadsm16.htm#24 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
aadsm17.htm#27 Re:Identity Firewall. l PKI International Consortium
2004h.html#21 Basics of key authentication
2005d.html#18 Digital signature with Javascript
2005g.html#2 Cross-Realm Authentication
2005g.html#48 "Best practices" or "Best implementations"?
2005g.html#49 "Best practices" or "Best implementations"?
2005i.html#2 Certificate Services
2005i.html#3 General PKI Question
2005i.html#23 The Worth of Verisign's Brand
2005i.html#52 Single Password - Linux & Windows
aadsm19.htm#43 massive data theft at MasterCard processor
2005m.html#5 Globus/GSI versus Kerberos
2005m.html#15 Course 2821; how this will help for CISSP exam ?
2005m.html#37 public key authentication
aadsm20.htm#25 Cross logins
2005n.html#43 X509 digital certificate for offline solution
2005n.html#51 IPSEC and user vs machine authentication
aadsm20.htm#38 Another entry in the internet security hall of shame
aadsm21.htm#4 Another entry in the internet security hall of shame
2005p.html#35 PKI
2005q.html#13 IPSEC with non-domain Server
2005q.html#23 Logon with Digital Siganture (PKI/OCES - or what else they're called)
2005q.html#29 IPSEC wireless router ?
2005s.html#24 What ever happened to Tandem and NonStop OS ?
2005s.html#42 feasibility of certificate based login (PKI) w/o real smart card
2005t.html#0 TTP and KCM
2005t.html#22 What ever happened to Tandem and NonStop OS ?
2005u.html#19 Identity and Access Management (IAM)
2006b.html#37 X.509 and ssh
2006h.html#27 confidence in CA
2006h.html#46 blast from the past, tcp/ip, project athena and kerberos
2006i.html#13 Multi-layered PKI implementation
2006i.html#25 Benefits of PKI - 5,000 nodes organization
aadsm23.htm#48 Status of opportunistic encryption
aadsm23.htm#52 Status of opportunistic encryption
aadsm24.htm#8 Microsoft - will they bungle the security game?
2006m.html#24 OT - J B Hunt
aadsm24.htm#15 Apple to help Microsoft with "security neutrality"?
2006n.html#53 Case Study: Thunderbird's brittle security as proof of Iang's 3rd Hypothesis in secure design: there is only one mode, and it's secure
2006q.html#52 Smartcard reader with certificate inside the reader
2006t.html#8 Root CA CRLs
2006u.html#4 ssh - password control or key control?
2006v.html#10 What's a mainframe?
2006v.html#29 User Authentication
2006v.html#49 Patent buster for a method that increases password security
2007.html#15 SSL info
2007b.html#58 Authentication architecture on a Unix Network
2007d.html#12 One Time Identification, a request for comments/testing
2007f.html#60 Certificates
2007i.html#63 public key password authentication
aadsm27.htm#23 Identity resurges as a debate topic
2007q.html#2 Windows Live vs Kerberos
2007q.html#5 Windows Live vs Kerberos
2007r.html#24 How to tell a fake SSL certificate from a real one
2007u.html#51 folklore indeed
2007u.html#76 folklore indeed
2008.html#53 Really stupid question about z/OS HTTP server
2008.html#54 Really stupid question about z/OS HTTP server
2008c.html#31 Kerberized authorization service
aadsm28.htm#20 Fixing SSL (was Re: Dutch Transport Card Broken)
aadsm28.htm#31 Fixing SSL (was Re: Dutch Transport Card Broken)
2008i.html#46 Definition of file spec in commands
2008j.html#45 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008k.html#40 Calling Out
2008l.html#31 Authentication in the e-tailer / payment gateway / customer triangle
2008p.html#23 Your views on the increase in phishing crimes such as the recent problem French president Sarkozy faces
2009f.html#66 How did the monitor work under TOPS?
2009g.html#39 How did the monitor work under TOPS?
2009g.html#41 Storing MIT-Kerberos authentication data in an LDAP backend
2009g.html#62 Solving password problems one at a time, Re: The password-reset paradox
2009k.html#7 A Complete History Of Mainframe Computing
2009k.html#8 A Complete History Of Mainframe Computing
2009k.html#11 A Complete History Of Mainframe Computing
2009k.html#72 Client Certificate UI for Chrome?
2009l.html#6 Cyber attackers empty business accounts in minutes
2010f.html#3 Why is Kerberos ever used, rather than modern public key cryptography?
2010h.html#25 In SSL We Trust? Not Lately
2010i.html#31 IBM Unix prehistory, someone smarter than Dave Cutler
2010j.html#5 Problem Statement on the Cross-Realm Operation of Kerberos
2010l.html#63 A mighty fortress is our PKI, Part II
2011h.html#56 pdp8 to PC- have we lost our way?
2012b.html#36 RFC6507 Ellipitc Curve-Based Certificateless Signatures
2012b.html#71 Password shortcomings
2012j.html#54 Yahoo Password Breach: 7 Lessons Learned - Security - Attacks/breaches - Informationweek
2012j.html#61 The Myth of Password Complexity & Frequent Change Rules
2014f.html#83 Slashdot this day in history: Microsoft Asks Slashdot To Remove Readers' Posts
2014g.html#37 Special characters for Passwords
2014j.html#12 The SDS 92, its place in history?
2014j.html#102 ? How programs in c language drew graphics directly to screen in old days without X or Framebuffer?

top, by subject: technology, networking, public key, integrity, Boyd - home


certificate-less operation

aadsmore.htm#hcrl1 Huge CRLs
aadsm3.htm#cstech3 cardtech/securetech & CA PKI
aadsm3.htm#kiss1KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss2 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp-00.txt))
aadsm5.htm#spki Simple PKI
aadsm5.htm#spki2 Simple PKI
aadsm6.htm#aadsatm (certificate-less) digital signatures can secure ATM card payments on the internet
aadsm6.htm#terror7 [FYI] Did Encryption Empower These Terrorists?
aadsm7.htm#pcards4 FW: The end of P-Cards?
aadsm9.htm#carnivore Shades of FV's Nathaniel Borenstein: Carnivore's "Magic Lantern"
aadsm9.htm#cfppki CFP: PKI research workshop
aadsm9.htm#cfppki2 CFP: PKI research workshop
aadsm9.htm#cfppki5 CFP: PKI research workshop
aadsm9.htm#cfppki6 CFP: PKI research workshop
aadsm12.htm#51 Frist Data Unit Says It's Untangling Authentication
aadsm13.htm#16 A challenge
aadsm13.htm#20 surrogate/agent addenda (long)
aadsm14.htm#14 Who's afraid of Mallory Wolf?
aadsm14.htm#35 The real problem that https has conspicuously failed to fix
aadsm14.htm#45 Keyservers and Spam
aadsm15.htm#0 invoicing with PKI
aadsm15.htm#27 SSL, client certs, and MITM (was WYTM?)
aadsm15.htm#28 SSL, client certs, and MITM (was WYTM?)
aadsm17.htm#34 The future of security
aadsm17.htm#55 Using crypto against Phishing, Spoofing and Spamming
aepay10.htm#34 some certification & authentication landscape summary from recent threads
aepay10.htm#65 eBay Customers Targetted by Credit Card Scam
aepay10.htm#78 ssl certs
aepay10.htm#82 SSL certs & baby steps (addenda)
aepay11.htm#37 Who's afraid of Mallory Wolf?
aepay11.htm#69 Confusing Authentication and Identiification?
aepay11.htm#73 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)
98.html#41 AADS, X9.59, & privacy
2001c.html#8 Server authentication
2001g.html#64 PKI/Digital signature doesn't work
2001h.html#36 PKI/Digital signature doesn't work
2001h.html#37 Credit Card # encryption
2001h.html#53 Net banking, is it safe???
2001i.html#9 Net banking, is it safe???
2001i.html#16 Net banking, is it safe???
2001i.html#25 Net banking, is it safe???
2001j.html#49 Are client certificates really secure?
2002e.html#56 PKI and Relying Parties
2002p.html#11 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#22 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#50 Cirtificate Authorities 'CAs', how curruptable are they to
2003.html#50 Origin of Kerberos
2003b.html#30 Public key encryption
2003e.html#57 Security in RADIUS (RFC2865)
2003h.html#13 Authentication protocol
2003i.html#29 electronic-ID and key-generation
2003i.html#35 electronic-ID and key-generation
2003l.html#33 RSA vs AES
2003l.html#36 Proposal for a new PKI model (At least I hope it's new)
2003m.html#49 public key vs passwd authentication?
2003m.html#50 public key vs passwd authentication?
2003m.html#52 public key vs passwd authentication?
2003n.html#16 log on windows xp with smartcard
2003n.html#30 Is this right? Question about SSL and PKI
2004e.html#20 Soft signatures
2004g.html#53 Chained I/O's
2004h.html#13Two-factor Authentication Options?
2004h.html#14Two-factor Authentication Options?
2004h.html#48 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#50 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#51 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#52 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#53 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#54 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#55 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#56 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#57 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#58 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#59 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#2 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#4 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#7 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#9 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#10 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#11 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#12 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#13 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#14 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#15 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#16 New Method for Authenticated Public Key Exchange without Digital Ceritificates
2004i.html#17 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#18 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#19 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#20 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#21 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#22 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#23 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#24 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#25 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#27 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#0 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#1 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#2 Authenticated Public Key Exchange without Digital Certificates?
2004j.html#3 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#5 Authenticated Public Key Exchange without Digital Certificates?
2004j.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#9 Smart card Authentication
2004m.html#4 REVIEW: "Biometrics for Network Security", Paul Reid
aadsm18.htm#43 SSL/TLS passive sniffing
2004p.html#60 Single User: Password or Certificate
2004q.html#0 Single User: Password or Certificate
2005.html#25 Smart cards and use the private key
2005.html#31 Do I need a certificat?
2005.html#35 Do I need a certificat?
2005d.html#17 Digital signature with Javascript
2005d.html#18 Digital signature with Javascript
aadsm18.htm#55 MD5 collision in X509 certificates
aadsm18.htm#56two-factor authentication problems
aadsm19.htm#0two-factor authentication problems
2005g.html#0 What is a Certificate?
2005g.html#1 What is a Certificate?
2005g.html#3 What is a Certificate?
aadsm19.htm#9 PKI News
aadsm19.htm#10 PKI News
2005g.html#9 What is a Certificate?
2005g.html#13 What is a Certificate?
2005g.html#29 Certificate Management Tools
2005g.html#39 Key pair & Certificate lifetimes
2005g.html#45 Maximum RAM and ROM for smartcards
2005g.html#48 "Best practices" or "Best implementations"?
2005h.html#8 keysigning: identity checks
2005h.html#20 Key pair & Certificate lifetimes
2005h.html#25 couple more Q's on basic public key encryption techniques
2005h.html#27 How do you get the chain of certificates & public keys securely
2005h.html#36 Security via hardware?
2005h.html#39 Attacks on IPsec
aadsm19.htm#11 EuroPKI 2005 - Call for Participation
2005i.html#0 More Phishing scams, still no SSL being used
2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom
2005i.html#2 Certificate Services
2005i.html#3 General PKI Question
2005i.html#4 Authentication - Server Challenge
aadsm19.htm#13 What happened with the session fixation bug?
2005i.html#7 Improving Authentication on the Internet
2005i.html#8 More Phishing scams, still no SSL being used
2005i.html#9 More Phishing scams, still no SSL being used
2005i.html#23 The Worth of Verisign's Brand
2005i.html#24 The Worth of Verisign's Brand
2005i.html#33 Improving Authentication on the Internet
2005i.html#36 Improving Authentication on the Internet
2005i.html#38 More Phishing scams, still no SSL being used
2005i.html#50 XOR passphrase with a constant
aadsm19.htm#17 What happened with the session fixation bug?
aadsm19.htm#18 Citibank discloses private information to improve security
aadsm19.htm#24 Citibank discloses private information to improve security
2005j.html#0 private key encryption - doubts
2005j.html#18 Repository for digital certificates
aadsm19.htm#32 Using Corporate Logos to Beat ID Theft
2005k.html#60 The Worth of Verisign's Brand
2005l.html#7 Signing and bundling data using certificates
aadsm19.htm#42 massive data theft at MasterCard processor
aadsm19.htm#43 massive data theft at MasterCard processor
2005l.html#21 The Worth of Verisign's Brand
2005l.html#22 The Worth of Verisign's Brand
2005m.html#0 simple question about certificate chains
2005.html#5 Globus/GSI versus Kerberos
2005m.html#11 Question about authentication protocols
2005m.html#15 Course 2821; how this will help for CISSP exam ?
2005m.html#18 S/MIME Certificates from External CA
2005m.html#37 public key authentication
aadsm20.htm#21 Qualified Certificate Request
aadsm20.htm#31 The summer of PKI love
2005n.html#49 X509 digital certificate for offline solution
2005n.html#51 IPSEC and user vs machine authentication
2005o.html#2 X509 digital certificate for offline solution
aadsm20.htm#32 How many wrongs do you need to make a right?
2005o.html#9 Need a HOW TO create a client certificate for partner access
2005o.html#17 Smart Cards?
2005o.html#31 Is symmetric key distribution equivalent to symmetric key generation?
aadsm20.htm#36 Another entry in the internet security hall of shame
aadsm20.htm#37 Another entry in the internet security hall of shame
2005o.html#40 Certificate Authority of a secured P2P network
2005o.html#41 Certificate Authority of a secured P2P network
2005o.html#42 Catch22. If you cannot legally be forced to sign a document etc - Tax Declaration etc etc etc
aadsm20.htm#38 Another entry in the internet security hall of shame
aadsm20.htm#40 Another entry in the internet security hall of shame
aadsm20.htm#43 Another entry in the internet security hall of shame
aadsm21.htm#4 Another entry in the internet security hall of shame
2005p.html#32 PKI Certificate question
aadsm21.htm#7 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)
aadsm21.htm#8 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)
2005p.html#35 PKI
2005p.html#36 PKI
2005q.html#13 IPSEC with non-domain Server
2005q.html#23 Logon with Digital Siganture (PKI/OCES - or what else they're called)
2005q.html#29 IPSEC wireless router ?
2005q.html#17 continuity of identity
2005s.html#24 What ever happened to Tandem and NonStop OS ?
2005s.html#42 feasibility of certificate based login (PKI) w/o real smart card
2005s.html#43 P2P Authentication
2005s.html#49 phishing web sites using self-signed certs
2005s.html#52 TTP and KCM
2005t.html#0 TTP and KCM
2005t.html#6 phishing web sites using self-signed certs
2005t.html#22 What ever happened to Tandem and NonStop OS ?
2005t.html#32 RSA SecurID product
2005t.html#34 RSA SecurID product
aadsm21.htm#22 Broken SSL domain name trust model
2005u.html#2 PGP Lame question
aadsm21.htm#34 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm22.htm#0 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#1 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#3 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#4 GP4.3 - Growth and Fraud - Case #3 - Phishing
2006e.html#8 Beginner's Pubkey Crypto Question
2006f.html#39 X.509 and ssh
2006h.html#27 confidence in CA
2006h.html#28 confidence in CA
2006h.html#29 confidence in CA
aadsm23.htm#15 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
aadsm23.htm#29 JIBC April 2006 - "Security Revisionism"
2006i.html#25 Benefits of PKI - 5,000 nodes organization
2006k.html#19 Hey! Keep Your Hands Out Of My Abstraction Layer!
aadsm23.htm#48 Status of opportunistic encryption
aadsm23.htm#51 Status of opportunistic encryption
aadsm24.htm#5 New ISO standard aims to ensure the security of financial transactions on the Internet
aadsm24.htm#24 It's official! SSH whips HTTPS butt! (in small minor test of no import....)
aadsm24.htm#31 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#44 Case Study: Thunderbird's brittle security as proof of Iang's 3rd Hypothesis in secure design: there is only one mode, and it's secure
aadsm24.htm#52 Crypto to defend chip IP: snake oil or good idea?
2006n.html#53 Case Study: Thunderbird's brittle security as proof of Iang's 3rd Hypothesis in secure design: there is only one mode, and it's secure
aadsm25.htm#1 Crypto to defend chip IP: snake oil or good idea?
2006p.html#7 SSL, Apache 2 and RSA key sizes
aadsm25.htm#27 A note on vendor reaction speed to the e=3 problem
2006q.html#47 Smartcard reader with certificate inside the reader
2006q.html#52 Smartcard reader with certificate inside the reader
2006q.html#59 TCPA compatible smarcard readers?
aadsm25.htm#32 On-card displays
aadsm25.htm#35 signing all outbound email
2006t.html#8 Root CA CRLs
aadsm25.htm#46 Flaw exploited in RFID-enabled passports
2006u.html#4 ssh - password control or key control?
2006v.html#29 User Authentication
2006v.html#49 Patent buster for a method that increases password security
2006w.html#12 more secure communication over the network
2006w.html#18 more secure communication over the network
2006x.html#36 SSL security with server certificate compromised
2006y.html#13 Your data private? Access all areas is on the cards
2007.html#7 SSL info
2007.html#15 SSL info
2007.html#34 SSL info
2007b.html#61 Securing financial transactions a high priority for 2007
2007d.html#12 One Time Identification, a request for comments/testing
aadsm26.htm#27 man in the middle, SSL ... addenda
aadsm26.htm#29 News.com: IBM donates new privacy tool to open-source Higgins
aadsm26.htm#31 man in the middle, SSL ... addenda 2
aadsm26.htm#33 Failure of PKI in messaging ... addenda
aadsm26.htm#34 Failure of PKI in messaging
2007d.html#49 certificate distribution
aadsm26.htm#40 PKI: The terrorists' secret weapon
aadsm26.htm#41 PKI: The terrorists' secret weapon (part II)
2007f.html#31 Is that secure : <form action="https" from a local HTML page ?
2007f.html#60 Certificates
2007h.html#20 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#22 sizeof() was': The Perfect Computer - 36 bits?
2007h.html#26 sizeof() was: The Perfect Computer - 36 bits?
2007h.thml#31 sizeof() was: The Perfect Computer - 36 bits?
2007i.html#63 public key password authentication
2007l.html#0 John W. Backus, 82, Fortran developer, dies
2007l.html#41 My Dream PC -- Chip-Based
aadsm27.htm#23 Identity resurges as a debate topic
aadsm27.htm#24 Why self describing data formats:
2007m.html#41 X.509 weakness?
aadsm27.htm#30 A secure Internet requires a secure network protocol
aadsm27.htm#51 Know Your Enemy: Scott McNeally on security theater
aadsm27.htm#52 more on firing your MBA-less CSO
2007q.html#30 what does xp do when system is copying
2007r.html#24 How to tell a fake SSL certificate from a real one
20074.html#49 How to tell a fake SSL certificate from a real one
2007s.html#3 OpenPGP becomes RFC4880. Consider Hypothesis #1: The One True Cipher Suite
2008.html#7 folklore indeed
2008.html#8 folklore indeed
aadsm28.htm#20 Fixing SSL (was Re: Dutch Transport Card Broken)
aadsm28.htm#24 Fixing SSL (was Re: Dutch Transport Card Broken)
aadsm28.htm#30 Fixing SSL (was Re: Dutch Transport Card Broken)
aadsm28.htm#31 Fixing SSL (was Re: Dutch Transport Card Broken)
2008i.html#91 Certificate Purpose
2008i.html#93 Certificate Purpose
2008k.html#48 The PKC-only application security model
2008k.html#49 The PKC-only application security model
2008k.html#51 The PKC-only application security model
2008k.html#54 The PKC-only application security model
2008l.html#31 Authentication in the e-tailer / payment gateway / customer triangle
2008l.html#32 Authentication in the e-tailer / payment gateway / customer triangle
2008n.html#34 Builders v. Breakers
2009.html#35 Perfect MITM Attacks With No-Check SSL Certs
2009g.html#48 Inventor: SSL security woes are really the fault of browser design
2009g.html#62 Solving password problems one at a time, Re: The password-reset paradox
2009k.html#33 Trouble in PKI land
2009l.html#6 Cyber attackers empty business accounts in minutes
2009m.html#5 Need new 3270 emulator: SSH, inexpensive, reliable
2009m.html#7 Need new 3270 emulator: SSH, inexpensive, reliable
2009n.html#71 Sophisticated cybercrooks cracking bank security efforts
2009o.html#66 Need for speedy cryptography
2009r.html#32 SSL certificates and keys
2009r.html#72 Why don't people use certificate-based access authentication?
2010b.html#69 Happy DEC-10 Day
2010h.html#25 In SSL We Trust? Not Lately
2010l.html#58 A mighty fortress is our PKI
2010l.html#63 A mighty fortress is our PKI, Part II
2010l.html#72 A slight modification of my comments on PKI
2010l.html#78 Five Theses on Security Protocols
2010l.html#81 A mighty fortress is our PKI
2010m.html#58 memes in infosec IV - turn off HTTP, a small step towards "only one mode"
2011k.html#33 50th anniversary of BASIC, COBOL? (warning: unusually violentthread drift)
2011k.html#36 50th anniversary of BASIC, COBOL? (warning: unusually violentthread drift)
2011k.html#74 Somewhat off-topic: comp-arch.net cloned, possibly hacked
2011k.html#77 Somewhat off-topic: comp-arch.net cloned, possibly hacked
2011n.html#3 Banks Face Ongoing Cyber Threats
2012.html#63 Reject gmail
2012.html#65 Reject gmail
2012b.html#36 RFC6507 Ellipitc Curve-Based Certificateless Signatures
2012b.html#48 Driver's licenses for the Internet
2012b.html#71 Password shortcomings
2012d.html#26 Can SSL Certificate Checking System Be Saved?
2012d.html#31 Can SSL Certificate Checking System Be Saved?
2012j.html#54 Yahoo Password Breach: 7 Lessons Learned - Security - Attacks/breaches - Informationweek
2012j.html#61 The Myth of Password Complexity & Frequent Change Rules
2012j.html#62 The Myth of Password Complexity & Frequent Change Rules


also account authority digital signature: AADS/ABDS

top, by subject: technology, networking, public key, integrity, Boyd - home


Coining the term certificate manufacturing to differentiate from PKI

aepay2.htm#fed Federal CP model and financial transactions
aepay2.htm#cadis disaster recovery cross-posting
aepay3.htm#votec (my) long winded observations regarding X9.59 & XML, encryption and certificates
aadsm2.htm#scale Scale (and the SRV record)
aadsm3.htm#kiss7KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm5.htm#pkimort2 problem with the death of X.509 PKI
aadsm5.htm#faith faith-based security and kinds of trust
aadsm8.htm#softpki6 Software for PKI
aadsm8.htm#softpki10 Software for PKI
aadsm8.htm#softpki14 DNSSEC (RE: Software for PKI)
aadsm8.htm#softpki20 DNSSEC (RE: Software for PKI)
aadsm9.htm#cfppki5 CFP: PKI research workshop
aepay10.htm#81 SSL certs & baby steps
aepay10.htm#82 SSL certs & baby steps (addenda)
aadsm11.htm#34 ALARMED ... Only Mostly Dead ... RIP PKI
aadsm11.htm#39 ALARMED ... Only Mostly Dead ... RIP PKI .. addenda
aadsm13.htm#35 How effective is open source crypto? (bad form)
aadsm13.htm#37 How effective is open source crypto?
aadsm14.htm#19 Payments as an answer to spam (addenda)
aadsm15.htm#0 invoicing with PKI
2001d.html#16 Verisign and Microsoft - oops
2001d.html#20 What is PKI?
2001g.html#2 Root certificates
2001h.html#0 PKI/Digital signature doesn't work
2001j.html#8 PKI (Public Key Infrastructure)
2003.html#41 InfiniBand Group Sharply, Evenly Divided
2003l.html#36 Proposal for a new PKI model (At least I hope it's new)
2003l.html#45 Proposal for a new PKI model (At least I hope it's new)
2003l.html#46 Proposal for a new PKI model (At least I hope it's new)
2004m.html#12 How can I act as a Certificate Authority (CA) with openssl ??
2005l.html#1 The Worth of Verisign's Brand
2005l.html#2 The Worth of Verisign's Brand
2005l.html#32 More Phishing scams, still no SSL being used
aadsm19.htm#13 What happened with the session fixation bug?
aadsm20.htm#11 the limits of crypto and authentication
aadsm20.htm#15 the limits of crypto and authentication
aadsm20.htm#26 [Clips] Does Phil Zimmermann need a clue on VoIP?
aadsm20.htm#31 The summer of PKI love
aadsm20.htm#32 How many wrongs do you need to make a right?
2005o.html#41 Certificate Authority of a secured P2P network
aadsm20.htm#43 Another entry in the internet security hall of shame
aadsm20.htm#44 Another entry in the internet security hall of shame
2005s.html#24 What ever happened to Tandem and NonStop OS ?
aadsm23.htm#29 JIBC April 2006 - "Security Revisionism"
2007.html#17 SSL info
2007h.html#20 sizeof() was: The Perfect Computer - 36 bits?
2010l.html#57 A mighty fortress is our PKI
2010l.html#58 A mighty fortress is our PKI
2010l.html#62 A mighty fortress is our PKI
2010l.html#79 Five Theses on Security Protocols

top, by subject: technology, networking, public key, integrity, Boyd - home


Electronic Signature legislation, human signature, intent

aadsm6.htm#nonreput Sender and receiver non-repudiation
aepay11.htm#53 Authentication white paper
aepay11.htm#55 FINREAD ... and as an aside
aadsm11.htm#5 Meaning of Non-repudiation
aadsm11.htm#6 Meaning of Non-repudiation
aadsm11.htm#7 Meaning of Non-repudiation
aadsm11.htm#23 Proxy PKI. Was: IBM alternative to PKI?
aadsm12.htm#38 Legal entities who sign
aadsm13.htm#12 Antwort: Re: Real-time Certificate Status Facility for OCSP - (RTCS)
aadsm15.htm#32 VS: On-line signature standards
aadsm15.htm#34 VS: On-line signature standards (slight addenda)
aadsm15.htm#36 VS: On-line signature standards
aadsm17.htm#59 dual-use digital signature vulnerability
aadsm18.htm#0 dual-use digital signature vulnerability
aadsm18.htm#1 dual-use digital signature vulnerability
aadsm18.htm#2 dual-use digital signature vulnerability
aadsm18.htm#56two-factor authentication problems
aadsm19.htm#2 Do You Need a Digital ID?
aadsm19.htm#24 Citibank discloses private information to improve security
aadsm19.htm#28 "SSL stops credit card sniffing" is a correlation/causality myth
aadsm19.htm#33 Digital signatures have a big problem with meaning
aadsm19.htm#41 massive data theft at MasterCard processor
aadsm20.htm#0 the limits of crypto and authentication
aadsm20.htm#8 UK EU presidency aims for Europe-wide biometric ID card
aadsm21.htm#5 Is there any future for smartcards?
2000f.html#64 Cryptogram Newsletter is off the wall?
2000g.html#34 does CA need the proof of acceptance of key binding ?
2001g.html#25 Root certificates
2001g.html#62 PKI/Digital signature doesn't work
2002p.html#57 Cirtificate Authorities 'CAs', how curruptable are they
2001h.html#51 future of e-commerce
2001j.html#7 No Trusted Viewer possible?
2002g.html#69 Digital signature
2002h.html#13 Biometric authentication for intranet websites?
2002l.html#24 Two questions on HMACs and hashing
2003h.html#29 application of unique signature
2003h.html#38 entity authentication with non-repudiation
2004e.html#20 Soft signatures
2004h.html#58 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#17 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#21 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#24 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#27 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#1 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#51 Looking for pointers to get started with e-signature
2005.html#14 Using smart cards for signing and authorization in applets
2005b.html#56 [Lit.] Buffer overruns
2005e.html#31 Public/Private key pair protection on Windows
2005g.html#46 Maximum RAM and ROM for smartcards
2005l.html#36 More Phishing scams, still no SSL being used
2005m.html#1 Creating certs for others (without their private keys)
2005m.html#6 Creating certs for others (without their private keys)
2005o.html#42 Catch22. If you cannot legally be forced to sign a document etc - Tax Declaration etc etc etc
2005q.html#4 winscape?
2005q.html#23 Logon with Digital Siganture (PKI/OCES - or what else they're called)
aadsm21.htm#13 Contactless payments and the security challenges
2005r.html#54 NEW USA FFIES Guidance
2005r.html#10 NEW USA FFIES Guidance
2005s.html#27 whats the difference between Encryption and Encoding ? or both are same ?
aadsm21.htm#21 Some thoughts on high-assurance certificates
2005t.html#52 PGP Lame question
2005u.html#0 PGP Lame question
aadsm21.htm#41 X.509 / PKI, PGP, and IBE Secure Email Technologies
2005v.html#3 ABN Tape - Found
aadsm22.htm#5 long-term GPG signing key
aadsm22.htm#6 long-term GPG signing key
aadsm22.htm#7 long-term GPG signing key
2006d.html#25 Caller ID "spoofing"
2006d.html#32 When *not* to sign an e-mail message?
2006d.html#34 When *not* to sign an e-mail message?
2006e.html#3 When *not* to sign an e-mail message?
2006e.html#4 When *not* to sign an e-mail message?
2006f.html#29 X.509 and ssh
aadsm22.htm#45 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm22.htm#46 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm22.htm#47 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm22.htm#48 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#11 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#12 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#13 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#14 Shifting the Burden - legal tactics from the contracts world
aadsm25.htm#21 Identity v. anonymity -- that is not the question
aadsm25.htm#30 On-card displays
2006s.html#34 Basic Question
2006t.html#40 Encryption and authentication
aadms26.htm#19 Non-repudiation, Evidence and TLS: another fine mess I've got you into :-(
aadsm26.htm#32 Failure of PKI in messaging
2007f.html#72 Securing financial transactions a high priority for 2007
2007g.html#40 Electronic signature outside Europe
aadsm26.htm#49 Governance of anonymous financial services
2007h.html#27 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#28 sizeof() was: The Perfect Computer - 36 bits?
aadsm26.htm#63 Public key encrypt-then-sign or sign-then-encrypt?
2007i.html#74 public key password authentication
aadsm26.htm#67 survey of RFC S/MIME signature handling
aadsm26.htm#69 survey of RFC S/MIME signature handling
aadsm27.htm#4 Public key encrypt-then-sign or sign-then-encrypt?
2007l.html#2 John W. Backus, 82, Fortran developer, dies
2007l.html#3 John W. Backus, 82, Fortran developer, dies
2007l.html#6 John W. Backus, 82, Fortran developer, dies
2007r.html#61 The new urgency to fix online privacy
2007s.html#55 Translation of IBM Basic Assembler to C?
2007s.html#56 Translation of IBM Basic Assembler to C?
2007t.html#6 Translation of IBM Basic Assembler to C?
2007u.html#15 Public Computers
2007v.html#44 Education ranking
aadsm28.htm#33 on Revocation of Signing Certs and Public Key Signing itself
aadsm28.htm#34 on Revocation of Signing Certs and Public Key Signing itself
2008e.html#62 Any benefit to programming a RISC processor by hand?
aadsm28.htm#38 The Trouble with Threat Modelling
2008f.html#39 Can electronic signature bring us non-repudiation and authenticity?
aadsm28.htm#50 Liability for breaches: do we need new laws?
2008i.html#89 Technologists on signatures: looking in the wrong place
2008i.html#92 Certificate Purpose
2008j.html#39 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008l.html#49 Quality of IBM school clock systems?
2008m.html#73 Blinkylights
2008o.html#16 Is Information Security driven by compliance??
2008p.html#7 Dealing with the neew MA ID protection law
2008p.html#79 PIN entry on digital signatures + extra token
2008q.html#3 GPG
2008r.html#2 Payment Card + Digital Signature
2009.html#29 Data losses set to soar
2009b.html#16 It's Me, and Here's My Proof: Why Identity and Authentication Must Remain Distinct
2009d.html#27 Californa's Data Breach Law May Get an Update
2009d.html#38 Internet threat: Hackers swarm bank accounts
2009g.html#50 Has any public CA ever had their certificate revoked?
2009j.html#55 Replace the current antiquated credit card system
2009k.html#77 Cyber attackers empty business accounts in minutes
2009l.html#5 Internal fraud isn't new, but it's news
2009n.html#1 IT Story New Standard For EU-Compliant Electronic Signatures
2009n.html#71 Sophisticated cybercrooks cracking bank security efforts
2009o.html#50 WSJ.com The Fallacy of Identity Theft
2009q.html#58 Cyber breaches are a closely kept secret
2010b.html#69 Happy DEC-10 Day
2010b.html#82 Oldest Instruction Set still in daily use?
2010h.html#82 Costs Of Data Breaches Much Higher In U.S. Than In Other Countries, Study Says
2010i.html#83 The Evolution of the Extended Enterprise: Security Stategies for Forward Thinking Organizations
2010j.html#18 Personal use z/OS machines was Re: Multiprise 3k for personal Use?
2010l.html#26 Root Zone DNSSEC Deployment Technical Status Update
2010l.html#28 Mainframe Hacking -- Fact or Fiction
2010l.html#58 A mighty fortress is our PKI
2010m.html#2 Five Theses on Security Protocols
2010m.html#56 About that "Mighty Fortress"... What's it look like?
2010n.html#22 Data breaches remain high
2010n.html#44 Who are these people who think cybersecurity experts are crying wolf?
2010n.html#49 ZeuS attacks mobiles in bnak SMS bypass scam
2010n.html#52 Who are these people who think cybersecurity experts are crying wolf?
2010o.html#9 On Scope Scrinkage in PCI DSS
2010o.html#76 E-commerce smackdown as PCI standards revised
2011b.html#60 A Two Way Non-repudiation Contract Exchange Scheme
2011f.html#14 How is SSL hopelessly broken? Let us count the ways
2011f.html#55 Are Americans serious about dealing with money laundering and the drug cartels?
2011h.html#55 CISO's Guide to Breach Notification
2011h.html#56 pdp8 to PC- have we lost our way?
2011i.html#45 Happy 100th Birthday, IBM!
2011l.html#47 Does outsourcing cause data loss?
2011p.html#131 The Times E-Mails Millions by Mistake to Say Subscriptions Were Canceled
2011p.html#132 Yes Virginia, Electronic Signatures Are Legal
2012.html#35 Israel vows to hit back after credit cards hacked
2012.html#65 Reject gmail
2012b.html#36 RFC6507 Ellipitc Curve-Based Certificateless Signatures
2012b.html#48 Driver's licenses for the Internet
2012c.html#3 zSeries Manpower Sizing
2012c.html#6 The 15 Worst Data Security Breaches of the 21st Century
2012d.html#31 Can SSL Certificate Checking System Be Saved?
2012d.html#49 Do you know where all your sensitive data is located?
2012e.html#17 Data theft: Hacktivists 'steal more than criminals'
2012i.html#30 US Senate proposes national data breach notification act
2012i.html#35 US Senate proposes national data breach notification act
2012i.html#73 Operating System, what is it?
2012i.html#80 Firms told to own up to cybercrime attacks
2012j.html#61 The Myth of Password Complexity & Frequent Change Rules
2012m.html#55 General Mills computer
2013.html#39 ICSF Symmetric Key being sent to a non-zOS system
2013d.html#68 What Makes an Architecture Bizarre?
2013m.html#14 Gilmore response to NSA mathematician's "make rules for NSA" appeal
2013n.html#12 How the IETF plans to protect the web from NSA snooping
2013o.html#59 Target breach likely involved inside knowledge, experts say
2013o.html#66 Target breach likely involved inside knowledge, experts say
2013o.html#67 What Chase And Other Banks Won't Tell You About Selling Your Data
2013o.html#79 Would Target cybersecurity breach occur with a digital ID system?
2014d.html#1 RSA 2014: Target Breach Has Bigger Impact on Data Security than Snowden, says Vormetric
2014d.html#3 Let's Face It--It's the Cyber Era and We're Cyber Dumb
2014d.html#9 NSA chief criticises media and suggests UK was right to detain David Miranda
2014d.html#13 Royal Pardon For Turing
2014d.html#40 Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It
2014d.html#102 How the IETF plans to protect the web from NSA snooping
2014e.html#6 Credit Card Breach at California DMV Provides Yet Another Warning of Cyber Insecurities
2014e.html#47 TCP/IP Might Have Been Secure From the Start If Not For the NSA
2014f.html#58 Consumers Ditch Their Breached Retailers, Banks and Doctors
2014f.html#94 Privacy vs. freedom of the press--Google court ruling

top, by subject: technology, networking, public key, integrity, Boyd - home


Discussion of real-time public key distribution using DNS

aadsmore.htm#pkiart2 Public Key Infrastructure: An Artifact...
aadsmore.htm#client3 Client-side revocation checking capability
aadsm4.htm#5 Public Key Infrastructure: An Artifact...
aadsm8.htm#softpki6 Software for PKI
aadsm9.htm#cfppki5 CFP: PKI research workshop
aadsm13.htm#26 How effective is open source crypto?
aadsm13.htm#32 How effective is open source crypto? (bad form)
aadsm14.htm#39 An attack on paypal
aadsm15.htm#25 WYTM?
aadsm15.htm#28 SSL, client certs, and MITM (was WYTM?)
aadsm17.htm#18 PKI International Consortium
aadsm17.htm#60 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#43 SSL/TLS passive sniffing
aadsm19.htm#13 What happened with the session fixation bug?
aadsm19.htm#42 massive data theft at MasterCard processor
aadsm20.htm#31 The summer of PKI love
aadsm20.htm#42 Another entry in the internet security hall of shame
aadsm20.htm#43 Another entry in the internet security hall of shame
aadsm20.htm#44 Another entry in the internet security hall of shame
aadsm21.htm#24 Broken SSL domain name trust model
aadsm21.htm#39 X.509 / PKI, PGP, and IBE Secure Email Technologies
2000e.html#40 Why trust root CAs ?
2001l.html#22 Web of Trust
2001m.html#37 CA Certificate Built Into Browser Confuse Me
2002d.html#47 SSL MITM Attacks
2002j.html#59 SSL integrity guarantees in abscense of client certificates
2002m.html#30 Root certificate definition
2002m.html#64 SSL certificate modification
2002m.html#65 SSL certificate modification
2002n.html#2 SRP authentication for web app
2002o.html#10 Are ssl certificates all equally secure?
2002p.html#9 Cirtificate Authorities 'CAs', how curruptable are they to
2003.html#63 SSL & Man In the Middle Attack
2003.html#66 SSL & Man In the Middle Attack
2003d.html#29 SSL questions
2003d.html#40 Authentification vs Encryption in a system to system interface
2003f.html#25 New RFC 3514 addresses malicious network traffic
2003l.html#36 Proposal for a new PKI model (At least I hope it's new)
2003p.html#20 Dumb anti-MITM hacks / CAPTCHA application
2004b.html#41 SSL certificates
2004g.html#6 Adding Certificates
2004h.html#58 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates
2005.html#35 Do I need a certificat?
2005e.html#22 PKI: the end
2005e.html#45 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005e.html#51 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005g.html#0 What is a Certificate?
2005g.html#1 What is a Certificate?
2005g.html#9 What is a Certificate?
2005h.html#27 How do you get the chain of certificates & public keys securely
2005i.html#0 More Phishing scams, still no SSL being used
2005i.html#3 General PKI Question
2005i.html#7 Improving Authentication on the Internet
2005k.html#60 The Worth of Verisign's Brand
2005m.html#0 simple question about certificate chains
2005m.html#18 S/MIME Certificates from External CA
2005o.html#41 Certificate Authority of a secured P2P network
2005o.html#42 Catch22. If you cannot legally be forced to sign a document etc - Tax Declaration etc etc etc
2005t.html#32 RSA SecurID product
2005t.html#34 RSA SecurID product
2005u.html#9 PGP Lame question
2005v.html#3 ABN Tape - Found
2006c.html#10 X.509 and ssh
2006c.html#16 X.509 and ssh
2006c.html#38 X.509 and ssh
2006d.html#29 Caller ID "spoofing"
2006d.html#34 When *not* to sign an e-mail message?
2006e.html#10 Caller ID "spoofing"
2006f.html#33 X.509 and ssh
2006h.html#27 confidence in CA
2006h.html#34 The Pankian Metaphor
2006p.html#7 SSL, Apache 2 and RSA key sizes
aadsm22.htm#0 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#17 Major Browsers and CAS announce balkanisation of Internet Security
aadsm23.htm#13 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#47 Status of opportunistic encryption
aadsm24.htm#44 Case Study: Thunderbird's brittle security as proof of Iang's 3rd Hypothesis in secure design: there is only one mode, and it's secure
aadsm25.htm#28 WESII - Programme - Economics of Securing the Information Infrastructure
2006t.html#8 Root CA CRLs
aadsm26.htm#1 Extended Validation - setting the minimum liability, the CA trap, the market in browser governance
2006w.html#15 more secure communication over the network
2006x.html#36 SSL security with server certificate compromised
2007.html#7 SSL info
aadsm26.htm#18 SSL (https, really) accelerators for Linux/Apache?
2007b.html#53 Forbidding Special characters in passwords
2007c.html#51 Securing financial transactions a high priority for 2007
aadsm26.htm#25 EV - what was the reason, again?
aadsm26.htm#26 man in the middle, SSL
2007d.html#60 SLL Certificate
2007g.html#32 Can SSL sessions be compromised?
2007g.html#50 DNSSEC to be strangled at birth
2007h.html#26 sizeof() was: The Perfect Computer - 36 bits?
2007i.html#17 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#0 H6.2 Most Standardised Security Protocols are Too Heavy
2007k.html#32 SSL Security
aadsm27.htm#14 307 digit number factored
aadsm27.htm#15 307 digit number factored
2007l.html#0 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#22 A crazy thought?
2007m.html#41 X.509 weakness?
aadsm27.htm#30 A secure Internet requires a secure network protocol
2007p.html#60 what does xp do when system is copying
2007q.html#30 what does xp do when system is copying
2007r.html#24 How to tell a fake SSL certificate from a real one
2007u.html#45 Folklore references to CP67 at Lincoln Labs
aadsm28.htm#21 Dutch Transport Card Broken
2008h.html#72 SSL certificates - from a customer's point of view (trust)
2008i.html#78 Hypothesis #4 -- The First Requirement of Security is Usability
2008j.html#87 CLIs and GUIs
2008k.html#49 The PKC-only application security model
2008l.html#34 Authentication in the e-tailer / payment gateway / customer triangle
2008r.html#42 Online Bill Payment Website Hijacked - Users were redirected to a page serving malware
2008r.html#52 Cheap Hack - Domain Name Market - Stolen Domains for Sale
2008s.html#50 Perfect MITM Attacks With No-Check SSL
2008s.html#58 DNS flaw is 2008's biggest web blunder
2008s.html#72 CA issues no-questions asked Mozilla cert
2008s.html#76 Boffins bust web authentication with game consoles
2009.html#24 A New Web of Trust
2009.html#35 Perfect MITM Attacks With No-Check SSL Certs
2009.html#75 Delays in DNS security baffling: Mockapetris
2009b.html#33 Phish-Pharming: Using social engineering to hijack domains at the source
2009c.html#58 Has anyone seen a lift from using an Extended Validation SSL Certificate?
2009g.html#48 Inventor: SSL security woes are really the fault of browser design
2009j.html#20 Kaminsky interview: DNSSEC addresses cross-organizational trust and security
2009k.html#21 Security certificate warnings don't work, researchers say
2009k.html#23 Security certificate warnings don't work, researchers say
2009k.html#72 Client Certificate UI for Chrome?
2009m.html#41 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009o.html#3 Sophisticated cybercrooks cracking bank security efforts
2009o.html#78 DNSSEC + Certs As a Replacement For SSL's Transport Security
2009p.html#88 Kaminsky Bug Options Include "Do Nothing," Says IETF
2009r.html#1 Small Server Mob Advantage
2010b.html#62 Happy DEC-10 Day
2010b.html#69 Happy DEC-10 Day
2010f.html#80 Law Enforcement Appliance Subverts SSL
2010g.html#10 Gov't coerced Certs thwart SSL/TLS
2010l.html#62 A mighty fortress is our PKI
2010l.html#78 Five Theses on Security Protocols
2010m.html#60 towards https everywhere and strict transport security
2010n.html#0 UAE Man-in-the-Middle Attack Against SSL
2010n.html#2 UAE Man-in-the-Middle Attack Against SSL
2010n.html#37 Do we really need to care about DNS Security?
2010q.html#71 Domain Name of Russia's Largest Online Payment Processor Hijacked
2011k.html#63 Somewhat off-topic: comp-arch.net cloned, possibly hacked
2011n.html#6 Founders of SSL Call Game Over?
2011o.html#88 EFF proposes new method to strengthen Public Key Infrastructure
2012.html#97 Is SSL Cert Holder ID Verification A Joke?
2012.html#98 Google works on Internet standards with TCP proposals, SPDY standardization
2012.html#103 Google works on Internet standards with TCP proposals, SPDY standardization
2012c.html#7 The Convergence of PKI
2013.html#39 ICSF Symmetric Key being sent to a non-zOS system
2013f.html#70 How internet can evolve
2013i.html#46 OT: "Highway Patrol" back on TV
2014e.html#7 Last Gasp for Hard Disk Drives
2014e.html#47 TCP/IP Might Have Been Secure From the Start If Not For the NSA
2014g.html#7 [Cryptography] Is it time for a revolution to replace TLS?
2014g.html#13 Is it time for a revolution to replace TLS?

top, by subject: technology, networking, public key, integrity, Boyd - home


Digital Certificate Payload Bloat

aepay10.htm#76 Invisible Ink, E-signatures slow to broadly catch on (addenda)
aadsm13.htm#10 X.500, LDAP Considered harmful Was: OCSP/LDAP
aadsm16.htm#21 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
aadsm17.htm#4 Difference between TCPA-Hardware and a smart card (was: examp le: secure computing kernel needed)
aadsm17.htm#41 Yahoo releases internet standard draft for using DNS as public key server
aadsm17.htm#54 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#1 dual-use digital signature vulnerability
aadsm18.htm#5 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#6 dual-use digital signature vulnerability
aadsm18.htm#7 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#27 EMV cards as identity cards
aadsm18.htm#29 EMV cards as identity cards
aadsm18.htm#31 EMV cards as identity cards
aadsm18.htm#52 A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)
aadsm19.htm#11 EuroPKI 2005 - Call for Participation
aadsm19.htm#17 What happened with the session fixation bug?
aadsm19.htm#33 Digital signatures have a big problem with meaning
aadsm19.htm#40 massive data theft at MasterCard processor
aadsm20.htm#5 the limits of crypto and authentication
aadsm20.htm#11 the limits of crypto and authentication
aadsm20.htm#17 the limits of crypto and authentication
2000f.html#15 Why trust root CAs ?
2001f.html#79 FREE X.509 Certificates
2003g.html#47 Disk capacity and backup solutions
2003k.html#66 Digital signature and Digital Certificate
2004g.html#5 Adding Certificates
2004h.html#51 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#16 New Method for Authenticated Public Key Exchange without Digital Ceritificates
2004i.html#18 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#7 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#9 Smart card Authentification
2004m.html#23 Help! I'm trying to understand PKI - especially CA's role
2005e.html#22 PKI: the end
2005e.html#38 xml-security vs. native security
2005e.html#45 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005f.html#62 single-signon with X.509 certificates
2005g.html#9 What is a Certificate?
2005g.html#45 Maximum RAM and ROM for smartcards
2005h.html#25 couple more Q's on basic public key encryption techniques
2005h.html#27 How do you get the chain of certificates & public keys securely
2005i.html#2 Certificate Services
2005i.html#3 General PKI Question
2005i.html#4 Authentication - Server Challenge
2005i.html#7 Improving Authentication on the Internet
2005l.html#7 Signing and bundling data using certificates
2005l.html#12 The Worth of Verisign's Brand
2005l.html#23 The Worth of Verisign's Brand
2005l.html#29 Importing CA certificate to smartcard
2005l.html#35 More Phishing scams, still no SSL being used
2005l.html#36 More Phishing scams, still no SSL being used
2005l.html#37 More Phishing scams, still no SSL being used
2005m.html#15 Course 2821; how this will help for CISSP exam ?
2005n.html#33 X509 digital certificate for offline solution
2005o.html#31 Is symmetric key distribution equivalent to symmetric key generation?
2005r.html#54 NEW USA FFIES Guidance
2005t.html#6 phishing web sites using self-signed certs
aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#3 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#4 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm23.htm#29 JIBC April 2006 - "Security Revisionism"
aadsm23.htm#51 Status of opportunistic encryption
2006b.html#37 X.509 and ssh
2006c.html#35 X.509 and ssh
2006e.html#8 Beginner's Pubkey Crypto Question
2006e.html#42 SSL Certificate Signing
2006f.html#29 X.509 and ssh
2006f.html#33 X.509 and ssh
2006h.html#28 confidence in CA
2006i.html#13 Multi-layered PKI implementation
2006k.html#19 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006k.html#20 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006k.html#38 PDP-1
aadsm24.htm#5 New ISO standard aims to ensure the security of financial transactions on the Internet
aadsm24.htm#10 Naked Payments IV - let's all go naked
aadsm24.htm#31 DDA cards may address the UK Chip&Pin woes
aadsm25.htm#27 A note on vendor reaction speed to the e=3 problem
2006q.html#47 Smartcard reader with certificate inside the reader
aadsm26.htm#18 SSL (https, really) accelerators for Linux/Apache?
2007d.html#10 The logic of privacy
aadsm26.htm#34 Failure of PKI in messaging
2007d.html#37 MAC and SSL
2007f.html#75 Securing financial transactions a high priority for 2007
2007h.html#22 sizeof() was': The Perfect Computer - 36 bits?
2007h.thml#31 sizeof() was: The Perfect Computer - 36 bits?
aadsm26.htm#61 crypto component services - is there a market?
2007i.html#17 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#1 H6.2 Most Standardised Security Protocols are Too Heavy
2007j.html#67 open source voting
aadsm27.htm#21 307 digit number factored
2007l.html#48 My Dream PC -- Chip-Based
aadsm27.htm#24 Why self describing data formats:
aadsm27.htm#26 A crazy thought?
2007m.html#27 nouns and adjectives
aadsm27.htm#35 The bank fraud blame game
2007n.html#63 Poll: oldest computer thing you still use
2007q.html#5 Windows Live vs Kerberos
aadsm28.htm#1 2008: The year of hack the vote?
2008.html#7 folklore indeed
2008.html#8 folklore indeed
aadsm28.htm#20 Fixing SSL (was Re: Dutch Transport Card Broken)
aadsm28.htm#59 Information Security Vs. Businesss Resilience
2008i.html#83 Certificate Purpose
2008j.html#43 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008k.html#40 Calling Out
2008l.html#31 Authentication in the e-tailer / payment gateway / customer triangle
2008q.html#0 GPG
2009c.html#25 Crypto Craft Knowledge
2009d.html#38 Internet threat: Hackers swarm bank accounts
2009d.html#76 1960 Western Union Facsimile Services
2009g.html#23 Architectural Diversity
2009j.html#33 IBM touts encryption innovation
2009k.html#60 The satate of software
2009k.html#72 Client Certificate UI for Chrome?
2009n.html#26 Signature specification without certificates
2009n.html#71 Sophisticated cybercrooks cracking bank security efforts
2009r.html#32 SSL certificates and keys
2009r.html#72 Why don't people use certificate-based access authentication?
2009s.html#10 Why don't people use certificate-base access authentication?
2009s.html#49 Six Months Later, MasterCard Softens a Controversial PCI Rule
2010b.html#62 Happy DEC-10 Day
2010b.html#69 Happy DEC-10 Day
2010g.html#84 In SSL We Trust? Not Lately
2010h.html#25 In SSL We Trust? Not Lately
2010l.html#58 A mighty fortress is our PKI
2010l.html#59 A mighty fortress is our PKI
2010l.html#82 Five Theses on Security Protocols
2010m.html#3 Five Theses on Security Protocols
2010m.html#23 A mighty fortress is our PKI, Part II
2010m.html#60 towards https everywhere and strict transport security
2010o.html#56 The Credit Card Criminals Are Getting Crafty
2010o.html#67 CARD AUTHENTICATION TECHNOLOGY - Embedded keypad on Card - Is this the future
211c.html#58 RISCversus CISC
2011k.html#74 Somewhat off-topic: comp-arch.net cloned, possibly hacked
2011m.html#11 PKI "fixes" that don't fix PKI
2011n.html#7 Founders of SSL Call Game Over?
2012.html#65 Reject gmail
2012b.html#71 Password shortcomings
2012d.html#26 Can SSL Certificate Checking System Be Saved?
2012d.html#31 Can SSL Certificate Checking System Be Saved?
2012i.html#73 Operating System, what is it?
2012j.html#62 The Myth of Password Complexity & Frequent Change Rules
2013j.html#33 8080 BASIC
2013m.html#17 Steve B sees what investors think
2014c.html#33 Royal Pardon For Turing
2014c.html#60 Bloat
2014e.html#47 TCP/IP Might Have Been Secure From the Start If Not For the NSA
2014f.html#17 Online Debit, Credit Fraud Will Soon Get Much Worse
2014g.html#15 Is it time for a revolution to replace TLS?
2014k.html#56 LA Times commentary: roll out "smart" credit cards to deter fraud

top, by subject: technology, networking, public key, integrity, Boyd


(other) Postings by various subjects

360/370 m'code
First 360 PCM/OEM Controller
Misc. 545 Tech Sq and Cambridge Science Center
Disk Engineering
Performance and/or Scheduling
Cluster, High Availability and/or Loosely-Coupled
APL and/or HONE
Multiprocessor, tightly-coupled, SMP, compare&swap
Working Set, LRU, WSClock Page Replacement Algorithm
Misc. subthreads:
801 &/or ROMP
Misc. mainframe related threads:
Memory Mapping & File System
Backup, storage management
Benchmarking, workload profile, capacity planning
Future system
Problem determination, zombies, dump readers
System/R, SQL/DS, misc RDBMS
Location/address independent code
Misc. commercial time-sharing
peer-coupled shared data
GML origin at science center
misc VAMPS and/or bounce lock
continuous availability, disaster survivability, geographic survivability
mentioning HASP
IBM DASD, CKD, FBA, vtocs, multi-track search, etc
BDAM and/or CICS
Unbundling and charging for software
Misc. Bitnet, Earn
HSDT, HYPERChannel
Misc. ARPANET, NSFNET, Internet
OSI and High Speed Protocol
Misc. Interop '88 references
Misc. Internal Network references
RFC1044 Implementation
Various Terminal Emulation issues
Computer Mediated Conversation
3 tier, middle layer, SAA
Original Payment Gateway

three factor authentcation
Assurance
some mention of EU FINREAD
Risk, Fraud, Exploits, Vulnerabilities
Account Number Harvesting
postings mentioning MITM attacks
Buffer overflows, overruns, exploits
Secrets and Account numbers
Counterfeit YES CARDS
Naked Transaction Metaphor
Boyd
other Boyd references from around the web

top, by subject: technology, networking, public key, integrity, Boyd - home