Collected Postings

2016- Collected Postings, 2013-2015 Collected Postings, 2011-2012 Collected Postings, 2009-2010 Collected Postings, 2007-2008 Collected Postings, 2005-2006 Collected Postings, 2003-2004 Collected Postings, 2001-2002 Collected Postings, 1993-2000 Collected Postings, Internet History Postings, Old EMAIL Index

Payment Gateway moved to: subnetwork.html#gateway
Client and Radius Authentication
SSL Domain Name Server Certificates
X9.59, Identity, Authentication, and Privacy
Misc. Relying Party Certificates
Kerberos and/or pk-init
certificate-less operation
Coining the term certificate manufacturing to differentiate from PKI
Electronic Signature legislation, human signature, intent
Discussion of real-time public key distribution with DNS
Digital Certificate Payload Bloat
--
Old Public Key email from 1981

Client and Radius Authentication

2015f.html#14 Credit card fraud solution coming to America...finally
2015c.html#81 On a lighter note, even the Holograms are demonstrating
2014g.html#37 Special characters for Passwords
2012j.html#62 The Myth of Password Complexity & Frequent Change Rules
2012j.html#61 The Myth of Password Complexity & Frequent Change Rules
2012j.html#54 Yahoo Password Breach: 7 Lessons Learned - Security - Attacks/breaches - Informationweek
2012b.html#71 Password shortcomings
2012b.html#36 RFC6507 Ellipitc Curve-Based Certificateless Signatures
2010l.html#63 A mighty fortress is our PKI, Part II
2010f.html#3 Why is Kerberos ever used, rather than modern public key cryptography?
2009m.html#22 PCI SSC Seeks standard for End to End Encryption?
2009l.html#6 Cyber attackers empty business accounts in minutes
2009k.html#72 Client Certificate UI for Chrome?
2009g.html#75 Radius Server Or AAA Server
2009g.html#62 Solving password problems one at a time, Re: The password-reset paradox
2009b.html#65 What can agencies such as the SEC do to insure us that something like Madoff's Ponzi scheme will never happen again?
2008r.html#48 Dilbert is non-fiction
2008p.html#23 Your views on the increase in phishing crimes such as the recent problem French president Sarkozy faces
2008n.html#70 Could you please tell me about RADIUS authentication and how it works?
2008l.html#31 Authentication in the e-tailer / payment gateway / customer triangle
2008k.html#51 The PKC-only application security model
2008k.html#40 Calling Out
2008j.html#45 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
aadsm28.htm#31 Fixing SSL (was Re: Dutch Transport Card Broken)
aadsm28.htm#20 Fixing SSL (was Re: Dutch Transport Card Broken)
2007u.html#76 folklore indeed
2007u.html#51 folklore indeed
2007f.html#60 Certificates
2007.html#15 SSL info
2006v.html#49 Patent buster for a method that increases password security
2006u.html#4 ssh - password control or key control?
aadsm24.htm#8 Microsoft - will they bungle the security game?
aadsm23.htm#56 UK Detects Chip-And-PIN Security Flaw
aadsm23.htm#52 Status of opportunistic encryption
2006i.html#25 Benefits of PKI - 5,000 nodes organization
2006i.html#13 Multi-layered PKI implementation
2006c.html#35 X.509 and ssh
2005s.html#24 What ever happened to Tandem and NonStop OS ?
2005q.html#29 IPSEC wireless router ?
2005q.html#23 Logon with Digital Siganture (PKI/OCES - or what else they're called)
2005q.html#13 IPSEC with non-domain Server
2005q.html#1 Effective micropayments
2005p.html#40 how password is stored and check the authentication??
2005p.html#35 PKI
2005p.html#33 Digital Singatures question
aadsm21.htm#8 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)
aadsm21.htm#7 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)
aadsm21.htm#4 Another entry in the internet security hall of shame
aadsm20.htm#38 Another entry in the internet security hall of shame
aadsm20.htm#37 Another entry in the internet security hall of shame
2005o.html#9 Need a HOW TO create a client certificate for partner access
2005n.html#51 IPSEC and user vs machine authentication
2005n.html#43 X509 digital certificate for offline solution
2005m.html#37 public key authentication
2005m.html#15 Course 2821; how this will help for CISSP exam ?
2005.html#5 Globus/GSI versus Kerberos
aadsm19.htm#43 massive data theft at MasterCard processor
2005j.html#18 Repository for digital certificates
2005i.html#36 Improving Authentication on the Internet
2005i.html#27 REPOST: Authentication, Authorization TO Firewall
2005i.html#23 The Worth of Verisign's Brand
2005i.html#4 Authentication - Server Challenge
2005i.html#3 General PKI Question
2005i.html#2 Certificate Services
2005g.html#49 "Best practices" or "Best implementations"?
2005g.html#48 "Best practices" or "Best implementations"?
2005d.html#18 Digital signature with Javascript
2004h.html#21 Basics of key authentication
2003m.html#50 public key vs passwd authentication?
2003m.html#1 Password / access rights check
aepay11.htm#70 Confusing Authentication and Identiification? (addenda)
2003j.html#25 Idea for secure login
aadsm14.htm#27 Maybe It's Snake Oil All the Way Down
2003h.html#18 Authentication protocol
2003h.html#13 Authentication protocol
2003g.html#70 Simple resource protection with public keys
2003e.html#58 Security in RADIUS (RFC2865)
2003e.html#57 Security in RADIUS (RFC2865)
aadsm13.htm#30 How effective is open source crypto? (aads addenda)
2003d.html#42 Authentification vs Encryption in a system to system interface
2003.html#50 Origin of Kerberos
2002o.html#42 use of RADIUS
2002l.html#4 why is Kerberos better than this simpler replacement
2002l.html#3 why is Kerberos better than this simpler replacement
2002e.html#52 PKI and Relying Parties
aadsm9.htm#cfppki5 CFP: PKI research workshop
aadsm7.htm#idcard2 AGAINST ID CARDS
aadsm7.htm#idcard AGAINST ID CARDS
aadsm7.htm#auth2 Who or what to authenticate?
2001k.html#63 how to start write a Firewall authentication client software
aadsm7.htm#auth Who or what to authenticate?
2001k.html#59 intranet security and user authentication questions
2001j.html#49 Are client certificates really secure?
2001i.html#9 Net banking, is it safe???
2001h.html#74 Net banking, is it safe???
aepay7.htm#ssexploitShared-Secret exploit
aadsm6.htm#nonreput2 Sender and receiver non-repudiation
aadsm6.htm#nonreput Sender and receiver non-repudiation
2001g.html#26 distributed authentication
2001g.html#3 distributed authentication
2001g.html#1 distributed authentication
aepay6.htm#userauth MS masters NC mind-set (authentication is the key)
2001d.html#46 anyone have digital certificates sample code
2001d.html#21 What is PKI?
2001d.html#20 What is PKI?
2001c.html#34 PKI and Non-repudiation practicalities
2001c.html#9 Server authentication
2001c.html#8 Server authentication
2000c.html#2 Financial Stnadards Work group?
2000b.html#92 Question regarding authentication implementation
2000b.html#90 Question regarding authentication implementation
2000.html#57 RealNames hacked. Firewall issues
2000.html#47 TLS: What is the purpose of the client certificate request?
2000.html#33 SmartCard with ECC crypto
99.html#235 Attacks on a PKI
99.html#230 Radius Help help!!!
99.html#229 Digital Signature on SmartCards
99.html#224 X9.59/AADS announcement at BAI this week
99.html#217 AADS/X9.59 demo & standards at BAI (world-wide retail banking) show
99.html#216 Ask about Certification-less Public Key
ansiepay.htm#x959demo X9.59/AADS demos operational
aepay4.htm#rfc2807c RFC 2807 published today XML Signature Requirements
aepay4.htm#rfc2807b RFC 2807 published today XML Signature Requirements
aepay4.htm#comcert7 Merchant Comfort Certificates
aepay4.htm#comcert6 Merchant Comfort Certificates
aepay2.htm#privrule3 U.S. firms gird for privacy rules
aadsm2.htm#pkikrb PKI/KRB
aadsm2.htm#keyl4 On leaving the 56-bit key length limitation
aadsm2.htm#straw AADS Strawman
aadsm2.htm#account A different architecture? (was Re: certificate path
aadsm2.htm#inetpki A PKI for the Internet (was RE: Scale (and the SRV

top, by subject: technology, networking, public key, integrity, Boyd - home


SSL Domain Name Server Certificates

2016f.html#107 How to Win the Cyberwar Against Russia
2016d.html#79 Is it a lost cause?
2015f.html#14 Credit card fraud solution coming to America...finally
2015f.html#3 Credit card fraud solution coming to America...finally
2015d.html#18 Can we design machines to automate ethics?
2015d.html#11 "Trust in digital certificate ecosystem eroding"
2015d.html#4 "Trust in digital certificate ecosystem eroding"
2015c.html#81 On a lighter note, even the Holograms are demonstrating
2014m.html#86 Economic Failures of HTTPS Encryption
2014m.html#85 Economic Failures of HTTPS Encryption
2014m.html#56 The Road Not Taken: Knowing When to Keep Your Mouth Shut
2014l.html#55 LA Times commentary: roll out "smart" credit cards to deter fraud
2014j.html#98 Cybersecurity
2014j.html#78 Firefox 32 supports Public Key Pinning
2014g.html#7 [Cryptography] Is it time for a revolution to replace TLS?
2014f.html#8 Is cybersecurity the next banking crisis in the making?
2014e.html#78 How the Internet wasn't Commercial Dataprocessing
2014e.html#56 "NSA foils much internet encryption"
2014e.html#31 U.S. States Investigating Breach at Experian
2014e.html#7 Last Gasp for Hard Disk Drives
2014d.html#13 Royal Pardon For Turing
2014b.html#23 Quixotically on-topic post, still on topic
2013o.html#79 Would Target cybersecurity breach occur with a digital ID system?
2013j.html#33 8080 BASIC
2013i.html#46 OT: "Highway Patrol" back on TV
2013g.html#40 The Vindication of Barb
2013f.html#70 How internet can evolve
2013f.html#47 Pirate Bay co-founder charged with hacking IBM mainframes, stealing money
2013f.html#45 Reports: IBM may sell x86 server business to Lenovo
2013c.html#34 The United States is leaking 1TB of data daily to foreign countries
2013c.html#2 Legal Lessons from PATCO Fraud Case
2012n.html#71 history of Programming language and CPU in relation to each other
2012l.html#67 Strings (hijacked from: The IBM zEnterprise EC12 announcment)
2012j.html#61 The Myth of Password Complexity & Frequent Change Rules
2012j.html#53 Yahoo Password Breach: 7 Lessons Learned - Security - Attacks/breaches - Informationweek
2012i.html#35 US Senate proposes national data breach notification act
2012d.html#26 Can SSL Certificate Checking System Be Saved?
2012d.html#20 Writing article on telework/telecommuting
2012c.html#7 The Convergence of PKI
2012b.html#94 public key, encryption and trust
2012b.html#69 PKI and SSL - the jaws of trust snap shut
2012b.html#17 Time To Scrap SSL?
2012.html#97 Is SSL Cert Holder ID Verification A Joke?
2012.html#91 Has anyone successfully migrated off mainframes?
2012.html#65 Reject gmail
2011p.html#2 What the heck is cloud computer and why does it matter
2011o.html#54 Speed: Re: Soups
2011n.html#6 Founders of SSL Call Game Over?
2011n.html#0 Before Netscape: the forgotten Web browsers of the early 1990s
2011m.html#54 Any candidates for best acronyms?
2011m.html#48 ISBNs
2011m.html#23 Benefits of Online Banking
2011m.html#11 PKI "fixes" that don't fix PKI
2011l.html#72 Selectric Typewriter--50th Anniversary
2011l.html#48 Does outsourcing cause data loss?
2011k.html#65 Somewhat off-topic: comp-arch.net cloned, possibly hacked
2011k.html#64 Fraudulent Google credential found in the wild
2011j.html#63 Why do defenders keep losing to smaller cyberwarriors?
2011h.html#59 SSL digital certificates
2011g.html#60 Is the magic and romance killed by Windows (and Linux)?
2011g.html#24 Fight Fraud with Device ID
2011g.html#18 Fight Fraud with Device ID
2011g.html#11 Is the magic and romance killed by Windows (and Linux)?
2011f.html#25 Fear the Internet, was Cool Things You Can Do in z/OS
2011f.html#14 How is SSL hopelessly broken? Let us count the ways
2011e.html#71 Fraudulent certificates issued for major websites
2010o.html#45 A Wolf In Sheep's Clothing - New Threat
2010o.html#44 A Wolf In Sheep's Clothing - New Threat
2010o.html#42 Facebook and Twitter fail basic security test
2010o.html#36 Cookies Are Dead in the Fight Against Fraud
2010o.html#31 Survey Outlines Compliance Challenge Among Small Merchants
2010o.html#23 Spooky Myths that Trick Merchants When It Comes to Secure Payments Processes
2010o.html#9 On Scope Scrinkage in PCI DSS
2010n.html#37 Do we really need to care about DNS Security?
2010n.html#24 A question about HTTPS
2010n.html#4 zSecurity blog post - "READ is not benign"
2010n.html#2 UAE Man-in-the-Middle Attack Against SSL
2010n.html#0 UAE Man-in-the-Middle Attack Against SSL
2010m.html#89 UAE Man-in-the-Middle Attack Against SSL
2010m.html#77 towards https everywhere and strict transport security (was: Has there been a change in US banking regulations recently?)
2010m.html#76 towards https everywhere and strict transport security (was: Has there been a change in US banking regulations recently?)
2010m.html#75 towards https everywhere and strict transport security (was: Has there been a change in US banking regulations recently?)
2010m.html#70 towards https everywhere and strict transport security (was: Has there been a change in US banking regulations recently?)
2010m.html#60 towards https everywhere and strict transport security
2010m.html#51 Has there been a change in US banking regulations recently?
2010m.html#50 Has there been a change in US banking regulations recently?
2010m.html#3 Five Theses on Security Protocols
2010l.html#82 Five Theses on Security Protocols
2010l.html#79 Five Theses on Security Protocols
2010l.html#71 A slight modification of my comments on PKI
2010l.html#62 A mighty fortress is our PKI
2010l.html#58 A mighty fortress is our PKI
2010l.html#57 A mighty fortress is our PKI
2010i.html#51 Visa fraud alert puts banks, payment processors on guard
2010h.html#69 Idiotic programming style edicts
2010h.html#54 Trust Facade
2010h.html#25 In SSL We Trust? Not Lately
2010g.html#84 In SSL We Trust? Not Lately
2010g.html#79 In SSL We Trust? Not Lately
2010g.html#74 Unknown SSL credential could imperil Firefox, Mac users
2010g.html#65 Fraudsters Can Easily Buy SSL Certificates, Researcher Finds
2010g.html#14 Gov't coerced Certs thwart SSL/TLS
2010g.html#10 Gov't coerced Certs thwart SSL/TLS
2010f.html#92 Why do most websites use HTTPS only while logging you in...and not for the entire session?
2010f.html#80 Law Enforcement Appliance Subverts SSL
2010f.html#71 Law Enforcement Appliance Subverts SSL
2010f.html#3 Why is Kerberos ever used, rather than modern public key cryptography?
2010e.html#19 What's with IBMLINK now??
2010b.html#70 Happy DEC-10 Day
2010b.html#69 Happy DEC-10 Day
2010b.html#62 Happy DEC-10 Day
2009r.html#36 SSL certificates and keys
2009r.html#32 SSL certificates and keys
2009p.html#88 Kaminsky Bug Options Include "Do Nothing," Says IETF
2009p.html#29 Computer Experts Deconstruct FDIC Email Scam
2009o.html#54 Should SSL be enabled on every website?
2009o.html#22 Rogue PayPal SSL Certificate Available in the Wild - IE, Safari and Chrome users beware
2009o.html#3 Sophisticated cybercrooks cracking bank security efforts
2009n.html#6 OSS's Simple Sabotage Field Manual
2009m.html#41 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009m.html#7 Need new 3270 emulator: SSH, inexpensive, reliable
2009l.html#57 Linkedin digital certificate today
2009k.html#60 The satate of software
2009k.html#53 A Complete History Of Mainframe Computing
2009k.html#46 More holes found in Web's SSL security protocol
2009k.html#38 More holes found in Web's SSL security protocol
2009k.html#33 Trouble in PKI land
2009k.html#23 Security certificate warnings don't work, researchers say
2009k.html#21 Security certificate warnings don't work, researchers say
2009j.html#57 How can we stop Credit card FRAUD?
2009j.html#25 Database Servers: Candy For Hackers
2009j.html#20 Kaminsky interview: DNSSEC addresses cross-organizational trust and security
2009g.html#57 LexisNexis says its data was used by fraudsters
2009g.html#48 Inventor: SSL security woes are really the fault of browser design
2009f.html#14 SSL: Broken Even More
2009d.html#38 Internet threat: Hackers swarm bank accounts
2009c.html#63 SSLstrip hacking tool bypasses SSL to trick users, steal passwords
2009c.html#60 SSLstrip hacking tool bypasses SSL to trick users, steal passwords
2009c.html#58 Has anyone seen a lift from using an Extended Validation SSL Certificate?
2009c.html#50 SSLstrip hacking tool bypasses SSL to trick users, steal passwords
2009b.html#70 Amazon Launches Flexible Payments As a Commercial Service
2009b.html#33 Phish-Pharming: Using social engineering to hijack domains at the source
2009.html#56 Data losses set to soar
2009.html#7 Swedish police warn of tampered credit card terminals
2008s.html#78 Boffins bust web authentication with game consoles
2008s.html#76 Boffins bust web authentication with game consoles
2008s.html#72 CA issues no-questions asked Mozilla cert
2008q.html#72 https question
2008q.html#3 GPG
2008o.html#11 Browser Security UI: the horns of the dilemma
2008o.html#4 Wachovia Bank web site
2008n.html#100 Wachovia Bank web site
2008n.html#96 Wachovia Bank web site
2008n.html#93 How did http get a port number as low as 80?
2008n.html#92 How did http get a port number as low as 80?
2008n.html#55 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008l.html#69 Verifying Verified By Visa - Registration breaks chain of trust
2008l.html#52 Quality of IBM school clock systems?
2008l.html#50 IBM manual web pages
2008l.html#46 z/OS BIND9 DNS Vulnerable to Cache Poisoning Attack Problem?
2008l.html#34 Authentication in the e-tailer / payment gateway / customer triangle
2008l.html#28 Verifying Verified By Visa - Registration breaks chain of trust
2008k.html#74 Top 10 vulnerabilities for service orientated architecture?
2008k.html#29 dollar coins
2008j.html#63 CLIs and GUIs
2008i.html#70 Next Generation Security
aadsm28.htm#82 Can we copy trust?
2008h.html#72 SSL certificates - from a customer's point of view (trust)
aadsm28.htm#79 User interface, security, and "simplicity"
aadsm28.htm#48 World's biggest PKI goes open source: DogTag is released
aadsm28.htm#47 delegating SSL certificates
aadsm28.htm#21 Dutch Transport Card Broken
2008.html#61 1975 movie "Three Days of the Condor" tech stuff
2007u.html#76 folklore indeed
2007t.html#61 Crypto Related Posts
2007s.html#23 The new urgency to fix online privacy
2007r.html#24 How to tell a fake SSL certificate from a real one
2007r.html#19 How to tell a fake SSL certificate from a real one
2007r.html#18 How to tell a fake SSL certificate from a real one
2007r.html#17 How to tell a fake SSL certificate from a real one
2007r.html#12 How to tell a fake SSL certificate from a real one
2007q.html#72 Value of SSL client certificates?
aadsm27.htm#62 Fingerprint Firefox Plugin?
2007q.html#30 what does xp do when system is copying
207q.html#1 what does xp do when system is copying
aadsm27.htm#35 The bank fraud blame game
2007n.html#9 John W. Backus, 82, Fortran developer, dies
2007n.html#5 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#30 A secure Internet requires a secure network protocol
2007m.html#41 X.509 weakness?
2007l.html#41 My Dream PC -- Chip-Based
2007l.html#6 John W. Backus, 82, Fortran developer, dies
2007l.html#0 John W. Backus, 82, Fortran developer, dies
2007k.html#79 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#20 307 digit number factored
aadsm27.htm#19 307 digit number factored
aadsm27.htm#18 PKI moving to adopt the plugin model -- realignment to security based on user-needs?
aadsm27.htm#16 dnssec?
aadsm27.htm#15 307 digit number factored
aadsm27.htm#14 307 digit number factored
2007k.html#32 SSL Security
aadsm27.htm#0 H6.2 Most Standardised Security Protocols are Too Heavy
2007h.html#67 SSL vs. SSL over tcp/ip
2007h.html#26 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#22 sizeof() was': The Perfect Computer - 36 bits?
2007h.html#21 asymmetric cryptography + digital signature
2007h.html#20 sizeof() was: The Perfect Computer - 36 bits?
aadsm26.htm#53 The One True Identity -- cracks being examined, filled, and rotted out from the inside
aadsm26.htm#52 The One True Identity -- cracks being examined, filled, and rotted out from the inside
aadsm26.htm#51 The One True Identity -- cracks being examined, filled, and rotted out from the inside
2007g.html#50 DNSSEC to be strangled at birth
2007g.html#63 The Perfect Computer - 36 bits?
2007g.html#60 Can SSL sessions be compromised?
2007g.html#38 Can SSL sessions be compromised?
2007g.html#32 Can SSL sessions be compromised?
2007f.html#75 Securing financial transactions a high priority for 2007
2007f.html#31 Is that secure : <form action="https" from a local HTML page ?
2007d.html#67 SLL Certificate
2007d.html#60 SLL Certificate
2007d.html#36 MAC and SSL
2007d.html#35 MAC and SSL
aadsm26.htm#34 Failure of PKI in messaging
aadsm26.htm#33 Failure of PKI in messaging ... addenda
aadsm26.htm#32 Failure of PKI in messaging
aadsm26.htm#31 man in the middle, SSL ... addenda 2
2007d.html#26 Securing financial transactions a high priority for 2007
aadsm26.htm#28 man in the middle, SSL
aadsm26.htm#27 man in the middle, SSL ... addenda
aadsm26.htm#26 man in the middle, SSL
aadsm26.htm#25 EV - what was the reason, again?
2007c.html#51 Securing financial transactions a high priority for 2007
2007c.html#30 Securing financial transactions a high priority for 2007
2007b.html#53 Forbidding Special characters in passwords
2007.html#17 SSL info
2007.html#15 SSL info
2007.html#7 SSL info
2006y.html#7 Securing financial transactions a high priority for 2007
2006x.html#36 SSL security with server certificate compromised
2006w.html#15 more secure communication over the network
2006v.html#49 Patent buster for a method that increases password security
aadsm26.htm#1 Extended Validation - setting the minimum liability, the CA trap, the market in browser governance
2006t.html#8 Root CA CRLs
2006t.html#2 Is the teaching of non-reentrant HLASM coding practices ever defensible?
2006s.html#11 Why not 2048 or 4096 bit RSA key issuance?
aadsm25.htm#36 signing all outbound email
2006p.html#7 SSL, Apache 2 and RSA key sizes
aadsm25.htm#17 Hamiltonian path as protection against DOS
aadsm24.htm#44 Case Study: Thunderbird's brittle security as proof of Iang's 3rd Hypothesis in secure design: there is only one mode, and it's secure
aadsm24.htm#33 Threatwatch - 2-factor tokens attacked by phishers
aadsm24.htm#31 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#24 It's official! SSH whips HTTPS butt! (in small minor test of no import....)
aadsm23.htm#47 Status of opportunistic encryption
2006k.html#19 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006k.html#17 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006k.html#2 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006j.html#48 where do I buy a SSL certificate?
2006j.html#47 where do I buy a SSL certificate?
aadsm23.htm#15 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
2006h.html#34 The Pankian Metaphor
2006h.html#27 confidence in CA
aadsm23.htm#3 News and Views - Mozo, Elliptics, eBay + fraud, naive use of TLS and/or tokens
2006f.html#34 X.509 and ssh
2006f.html#33 X.509 and ssh
2006f.html#32 X.509 and ssh
2006f.html#29 X.509 and ssh
2006f.html#17 trusted certificates and trusted repositories
2006f.html#15 trusted certificates and trusted repositories
2006e.html#42 SSL Certificate Signing
aadsm22.htm#19 "doing the CA statement shuffle" and other dances
aadsm22.htm#18 "doing the CA statement shuffle" and other dances
2006d.html#29 Caller ID "spoofing"
2006d.html#28 Caller ID "spoofing"
2006d.html#26 Caller ID "spoofing"
2006c.html#39 X.509 and ssh
2006c.html#38 X.509 and ssh
2006c.html#36 Secure web page?
2006c.html#35 X.509 and ssh
aadsm22.htm#17 Major Browsers and CAS announce balkanisation of Internet Security
2006c.html#13 X.509 and ssh
2006c.html#10 X.509 and ssh
2006.html#33 The new High Assurance SSL Certificates
aadsm22.htm#0 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm21.htm#41 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm21.htm#40 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm21.htm#39 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm21.htm#36 browser vendors and CAs agreeing on high-assurance certificates
aadsm21.htm#34 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm21.htm#28 X.509 / PKI, PGP, and IBE Secure Email Technologies
2005u.html#9 PGP Lame question
2005u.html#8 PGP Lame question
2005u.html#2 PGP Lame question
aadsm21.htm#24 Broken SSL domain name trust model
aadsm21.htm#23 Broken SSL domain name trust model
aadsm21.htm#22 Broken SSL domain name trust model
2005t.html#34 RSA SecurID product
2005t.html#32 RSA SecurID product
2005t.html#6 phishing web sites using self-signed certs
2005t.html#0 TTP and KCM
2005s.html#49 phishing web sites using self-signed certs
2005s.html#24 What ever happened to Tandem and NonStop OS ?
2005q.html#29 IPSEC wireless router ?
2005p.html#32 PKI Certificate question
aadsm20.htm#43 Another entry in the internet security hall of shame
2005o.html#42 Catch22. If you cannot legally be forced to sign a document etc - Tax Declaration etc etc etc
2005o.html#41 Certificate Authority of a secured P2P network
aadsm20.htm#37 Another entry in the internet security hall of shame
aadsm20.htm#32 How many wrongs do you need to make a right?
aadsm20.htm#31 The summer of PKI love
aadsm20.htm#27 [Clips] Does Phil Zimmermann need a clue on VoIP?
aadsm20.htm#26 [Clips] Does Phil Zimmermann need a clue on VoIP?
2005n.html#9 Which certification authority to use
2005n.html#5 Wildcard SSL Certificates
2005m.html#45 Digital ID
aadsm20.htm#9 the limits of crypto and authentication
2005m.html#18 S/MIME Certificates from External CA
2005m.html#1 Creating certs for others (without their private keys)
2005m.html#0 simple question about certificate chains
2005l.html#32 More Phishing scams, still no SSL being used
2005l.html#24 The Worth of Verisign's Brand
2005l.html@23 The Worth of Verisign's Brand
2005l.html#21 The Worth of Verisign's Brand
aadsm19.htm#42 massive data theft at MasterCard processor
2005l.html#1 The Worth of Verisign's Brand
2005k.html#60 The Worth of Verisign's Brand
2005k.html#29 More Phishing scams, still no SSL being used
aadsm19.htm#17 What happened with the session fixation bug?
2005i.html#36 Improving Authentication on the Internet
2005i.html#34 The Worth of Verisign's Brand
2005i.html#21 The Worth of Verisign's Brand
2005i.html#9 More Phishing scams, still no SSL being used
2005i.html#8 More Phishing scams, still no SSL being used
2005i.html#7 Improving Authentication on the Internet
aadsm19.htm#13 What happened with the session fixation bug?
2005i.html#3 General PKI Question
2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom
2005i.html#0 More Phishing scams, still no SSL being used
2005h.html#29 Dealing with warning that certifcate can't be trusted?
2005h.html#27 How do you get the chain of certificates & public keys securely
2005h.html#8 keysigning: identity checks
2005g.html#50 Maximum RAM and ROM for smartcards
2005g.html#45 Maximum RAM and ROM for smartcards
2005g.html#44 Maximum RAM and ROM for smartcards
2005g.html#9 What is a Certificate?
2005g.html#1 What is a Certificate?
2005g.html#0 What is a Certificate?
aadsm19.htm#8 GeoTrust says existing PKI practices are worthless
2005f.html#20 Some questions on smart cards (Software licensing using smart cards)
2005f.html#9 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005e.html#51 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005e.html#45 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005e.html#27 PKI: the end
2005e.html#26 PKI: the end
2005e.html#25 PKI: the end
2005e.html#22 PKI: the end
2005c.html#52 A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)
2005b.html#32 Noobie SSL certificate problem
2005.html#35 Do I need a certificat?
2004q.html#53 [Lit.] Buffer overruns
2004q.html#42 browser without "padlock" secure?
aadsm18.htm#43 SSL/TLS passive sniffing
2004m.html#12 How can I act as a Certificate Authority (CA) with openssl ??
2004i.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#4 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#2 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#59 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#58 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#28 Convince me that SSL certificates are not a big scam
aadsm18.htm#16 In Search of Eve - the upper boundary on Mallory
aadsm18.htm#15 In Search of Eve - the upper boundary on Mallory
aadsm18.htm#14 In Search of Eve - the upper boundary on Mallory
aadsm17.htm#60 Using crypto against Phishing, Spoofing and Spamming
2004g.html#6 Adding Certificates
aadsm17.htm#37 Moving forward with pre-shared keys
aadsm17.htm#18 PKI International Consortium
2004b.html#41 SSL certificates
2004b.html#40 SSL certificates
2004b.html#39 SSL certificates
2003p.html#20 Dumb anti-MITM hacks / CAPTCHA application
aadsm15.htm#28 SSL, client certs, and MITM (was WYTM?)
aadsm15.htm#27 SSL, client certs, and MITM (was WYTM?)
aadsm15.htm#26 SSL, client certs, and MITM (was WYTM?)
2003n.html#10 Cracking SSL
aadsm15.htm#16 how simple is SSL? (Re: Monoculture)
aadsm15.htm#7 Is cryptography where security took the wrong branch?
2003l.html#60 Proposal for a new PKI model (At least I hope it's new)
2003l.html#57 Proposal for a new PKI model (At least I hope it's new)
2003l.html#55 Proposal for a new PKI model (At least I hope it's new)
2003l.html#54 Proposal for a new PKI model (At least I hope it's new)
2003l.html#53 Proposal for a new PKI model (At least I hope it's new)
2003l.html#52 Proposal for a new PKI model (At least I hope it's new)
2003l.html#51 Proposal for a new PKI model (At least I hope it's new)
2003l.html#46 Proposal for a new PKI model (At least I hope it's new)
2003l.html#45 Proposal for a new PKI model (At least I hope it's new)
2003l.html#43 Proposal for a new PKI model (At least I hope it's new)
2003l.html#36 Proposal for a new PKI model (At least I hope it's new)
aadsm14.htm#37 Keyservers and Spam
aadsm14.htm#36 An attack on paypal
aadsm14.htm#9 "Marginot Web" (SSL, payments, etc)
2003f.html#25 New RFC 3514 addresses malicious network traffic
aadsm13.htm#37 How effective is open source crypto?
aadsm13.htm#36 How effective is open source crypto? (bad form)
aadsm13.htm#35 How effective is open source crypto? (bad form)
aadsm13.htm#34 How effective is open source crypto? (bad form)
aadsm13.htm#33 How effective is open source crypto? (bad form)
aadsm13.htm#32 How effective is open source crypto? (bad form)
aadsm13.htm#29 How effective is open source crypto? (bad form)
aadsm13.htm#28 How effective is open source crypto? (addenda)
aadsm13.htm#26 How effective is open source crypto?
aadsm13.htm#25 Certificate Policies (addenda)
2003d.html#30 SSL questions
2003d.html#29 SSL questions
aadsm13.htm#10 X.500, LDAP Considered harmful Was: OCSP/LDAP
aepay11.htm#5 Self-Regulating SSL Certificate Authority
2003.html#63 SSL & Man In the Middle Attack
2003.html#52 SSL & Man In the Middle Attack
aadsm12.htm#67 Offline Root CA with valid CRL hierachie
aepay10.htm#83 SSL certs & baby steps
aepay10.htm#82 SSL certs & baby steps (addenda)
aepay10.htm#81 SSL certs & baby steps
aepay10.htm#80 Invisible Ink, E-signatures slow to broadly catch on (addenda)
aepay10.htm#79 ssl certs
aepay10.htm#78 ssl certs
aepay10.htm#77 Invisible Ink, E-signatures slow to broadly catch on (addenda)
aepay10.htm#76 Invisible Ink, E-signatures slow to broadly catch on (addenda)
aepay10.htm#75 Invisible Ink, E-signatures slow to broadly catch on (addenda)
2002p.html#21 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#20 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#19 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#18 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#17 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#12 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#11 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#10 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#9 Cirtificate Authorities 'CAs', how curruptable are they to
2002o.html#10 Are ssl certificates all equally secure?
2002o.html#7 Are ssl certificates all equally secure?
2002n.html#2 SRP authentication for web app
2002m.html#65 SSL certificate modification
2002m.html#64 SSL certificate modification
2002m.html#30 Root certificate definition
2002k.html#11 Serious vulnerablity in several common SSL implementations?
2002j.html#79 Q: Trust in an X.509 certificate
2002j.html#61 SSL integrity guarantees in abscense of client certificates<
2002j.html#59 SSL integrity guarantees in abscense of client certificates
2002j.html#58 SSL integrity guarantees in abscense of client certificates
2002j.html#38 MITM solved by AES/CFB - am I missing something?!
2002g.html#65 Real man-in-the-middle attacks?
2002e.html#72 Digital certificate varification
2002e.html#56 PKI and Relying Parties
2002d.html#47 SSL MITM Attacks
aadsm10.htm#cfppki20 CFP: PKI research workshop
aadsm9.htm#cfppki6 CFP: PKI research workshop
aadsm9.htm#cfppki5 CFP: PKI research workshop
2001n.html#73 A PKI question and an answer
2001n.html#58 Certificate Authentication Issues in IE and Verisign
2001n.html#57 Certificate Authentication Issues in IE and Verisign
2001m.html#41 Solutions to Man in the Middle attacks?
2001m.html#37 CA Certificate Built Into Browser Confuse Me
2001m.html#35 CA Certificate Built Into Browser Confuse Me
aadsm8.htm#softpki20 DNSSEC (RE: Software for PKI)
aadsm8.htm#softpki19 DNSSEC (RE: Software for PKI)
aadsm8.htm#softpki14 DNSSEC (RE: Software for PKI)
2001m.html#21 misc. SSL
aadsm8.htm#softpki12 Software for PKI
aadsm8.htm#softpki11 Software for PKI
aadsm8.htm#softpki10 Software for PKI
aadsm8.htm#softpki9 Software for PKI
aadsm8.htm#softpki8 Software for PKI
aadsm8.htm#softpki7 Software for PKI
aadsm8.htm#softpki6 Software for PKI
aadsm8.htm#softpki5 Software for PKI
aadsm8.htm#softpki4 Software for PKI
aadsm8.htm#softpki3 Software for PKI
aadsm8.htm#softpki2 Software for PKI
aadsm8.htm#softpki Software for PKI
2001l.html#31 voice encryption box (STU-III for the masses)
2001l.html#29 voice encryption box (STU-III for the masses)
2001l.html#26 voice encryption box (STU-III for the masses)
2001l.html#22 Web of Trust
2001k.html#6 Is VeriSign lying???
2001j.html#8 PKI (Public Key Infrastructure)
2001h.html#6 PKI/Digital signature doesn't work
2001h.html#4 PKI/Digital signature doesn't work
2001g.html#40 Self-Signed Certificate
2001g.html#31 Root certificates
2001g.html#25 Root certificates
2001g.html#21 Root certificates
2001g.html#19 Root certificates
2001g.html#17 Root certificates
2001g.html#16 Root certificates
2001g.html#10 Root certificates
2001g.html#2 Root certificates
aepay6.htm#pkimort Problem with the (lingering) death of x.509 PKI ... forwarded ... fyi
aepay6.htm#dspki use of digital signatures and PKI
aadsm5.htm#dspki use of digital signatures and PKI
aepay6.htm#crlwork do CRL's actually work?
2001e.html#56 Need explaination of PKI and Kerberos
2001e.html#49 Can I create my own SSL key?
aadsm5.htm#conpki The Fundamental Inadequacies of Conventional PKI
2001e.html#46 Can I create my own SSL key?
2001e.html#43 Can I create my own SSL key?
2001e.html#40 Can I create my own SSL key?
2001e.html#39 Can I create my own SSL key?
2001e.html#37 Can I create my own SSL key?
2001e.html#36 Can I create my own SSL key?
2001e.html#35 Can I create my own SSL key?
2001e.html#33 Can I create my own SSL key?
2001e.html#27 Can I create my own SSL key?
2001e.html#26 Can I create my own SSL key?
2001c.html#62 SSL weaknesses
2001c.html#9 Server authentication
2001c.html#8 Server authentication
2000g.html#25 SSL as model of security
2000e.html#51 Why trust root CAs?
2000e.html#50 Why trust root CAs?
2000e.html#47 Why trust root CAs?
2000e.html#40 Why trust root CAs?
2000b.html#93 Question regarding authentication implementation
2000b.html#40 general questions on SSL certificates
aepay6.htm#gaopki4 GAO: Government faces obstacles in PKI security adoption
aepay4.htm#3dssl VISA 3D-SSL
aepay4.htm#dnsinteg2 Domain Name integrity problem
aepay4.htm#comcert16 Merchant Comfort Certificates
aepay4.htm#comcert14 Merchant Comfort Certificates
aepay4.htm#comcert13 Merchant Comfort Certificates
aepay4.htm#comcert12 Merchant Comfort Certificates
aepay4.htm#comcert11 Merchant Comfort Certificates
aepay4.htm#comcert10 Merchant Comfort Certificates
aepay4.htm#comcert9 Merchant Comfort Certificates
aepay4.htm#comcert5 Merchant Comfort Certificates
aepay4.htm#comcert3 Merchant Comfort Certificates
aepay4.htm#comcert Merchant Comfort Certificates
aepay3.htm#sslset2 "SSL & SET Query" ... from usenet group
aadsm5.htm#asrn3 Assurance, e-commerce, and some x9.59 ... fyi
aadsm5.htm#asrn2 Assurance, e-commerce, and some x9.59 ... fyi
aadsm3.htm#kiss10KISS for PKIX. (authentication/authorization seperation)
aadsm3.htm#kiss9KISS for PKIX .... password/digital signature
aadsm3.htm#kiss8KISS for PKIX
aadsm3.htm#kiss7KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss6KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss5 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss4KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss3KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss2 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp-00.txt))
aadsm3.htm#kiss1KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm2.htm#integrity Scale (and the SRV record)
aadsm2.htm#inetpki A PKI for the Internet (was RE: Scale (and the SRV

top, by subject: technology, networking, public key, integrity, Boyd - home


X9.59, Identity, Authentication, and Privacy

2016h.html#8 Make companies pay full cost of breaches to restore trust in the internet, says ISOC
2016h.html#4 OODA in IT Security
2016g.html#33 OODA-loop and virtual machines
2016f.html#108 How to Win the Cyberwar Against Russia
2016f.html#63 Missile Defense
2016f.html#59 Funny error messages
2016e.html#81 Why you need a strong authentication platform
2016e.html#74 The chip card transition in the US has been a disaster
2016e.html#73 The chip card transition in the US has been a disaster
2016e.html#35 How the internet was invented
2016e.html#13 Looking for info on IBM ATMs - 2984, 3614, and 3624
2016e.html#8 Intel spyware chip?
2016e.html#6 Is it a lost cause?
2016d.html#40 The real story of how the Internet became so vulnerable
2016c.html#67 We Must Stop The Race to Attribution After Each Cyberattack
2016c.html#57 Institutional Memory and Two-factor Authentication
2016b.html#38 Ransomware
2016.html#100 3270 based ATMs
2016.html#66 Lineage of TPF
2015h.html#90 History--did relay logic (e.g. crossbar switch) need air conditioning?
2015h.html#75 Were you at SHARE in Seattle? Watch your credit card statements!
2015h.html#68 R.I.P. Gene Amdahl, pioneer in mainframe computing
2015g.html#64 Intel: Criminals getting better at data exfiltration
2015f.html#32 Credit card fraud solution coming to America...finally
2015f.html#12 Credit card fraud solution coming to America...finally
2015f.html#3 Credit card fraud solution coming to America...finally
2015e.html#87 These hackers warned the Internet would become a security disaster. Nobody listened
2015d.html#61 Western Union envisioned internet functionality
2015c.html#81 On a lighter note, even the Holograms are demonstrating
2014m.html#92 The 10 Biggest Bank Card Hacks
2014m.html#85 Economic Failures of HTTPS Encryption
2014m.html#56 The Road Not Taken: Knowing When to Keep Your Mouth Shut
2014l.html#67 LA Times commentary: roll out "smart" credit cards to deter fraud
2014l.html#55 LA Times commentary: roll out "smart" credit cards to deter fraud
2014k.html#56 LA Times commentary: roll out "smart" credit cards to deter fraud
2014k.html#14 Cyberspace KISS
2014j.html#78 Firefox 32 supports Public Key Pinning
2014i.html#61 A computer at home?
2014h.html#67 Sale receipt--obligatory?
2014g.html#37 Special characters for Passwords
2014g.html#17 Is it time for a revolution to replace TLS?
2014f.html#74 Is end of mainframe near ?
2014f.html#70 Obama Administration Launches Plan To Make An "Internet ID" A Reality
2014f.html#19 Is cybersecurity the next banking crisis in the making?
2014f.html#17 Online Debit, Credit Fraud Will Soon Get Much Worse
2014e.html#78 How the Internet wasn't Commercial Dataprocessing
2014e.html#64 How the IETF plans to protect the web from NSA snooping
2014e.html#27 TCP/IP Might Have Been Secure From the Start If Not For the NSA
2014e.html#6 Credit Card Breach at California DMV Provides Yet Another Warning of Cyber Insecurities
2014d.html#102 How the IETF plans to protect the web from NSA snooping
2014d.html#40 Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It
2014d.html#13 Royal Pardon For Turing
2014d.html#9 NSA chief criticises media and suggests UK was right to detain David Miranda
2014d.html#3 Let's Face It--It's the Cyber Era and We're Cyber Dumb
2014c.html#33 Royal Pardon For Turing
2014b.html#22 Royal Pardon For Turing
2014.html#77 In a Cyber Breach, Who Pays, Banks or Retailers?
2014.html#65 Washington Post on Target store data thefts
2013o.html#79 Would Target cybersecurity breach occur with a digital ID system?
2013o.html#67 What Chase And Other Banks Won't Tell You About Selling Your Data
2013o.html#66 Target breach likely involved inside knowledge, experts say
2013o.html#59 Target breach likely involved inside knowledge, experts say
2013o.html#52 Secret contract tied NSA and security industry pioneer
2013o.html#50 Secret contract tied NSA and security industry pioneer
2013n.html#12 How the IETF plans to protect the web from NSA snooping
2013m.html#10 "NSA foils much internet encryption"
2013j.html#46 Feds indict indentity theft ring
2013j.html#45 U.S. agents 'got lucky' pursuing accused Russia master hackers
2013j.html#33 8080 BASIC
2013j.html#21 8080 BASIC
2013h.html#22 Check out Moto X: Motorola reveals plans for ink and even pills to replace AL
2013g.html#90 Experts: Network security deteriorating, privacy a lost cause
2013g.html#40 The Vindication of Barb
2013f.html#70 How internet can evolve
2013f.html#47 Pirate Bay co-founder charged with hacking IBM mainframes, stealing money
2013f.html#9 What Makes an Architecture Bizarre?
2013c.html#85 Digital Certificates Hide Malware
2013c.html#82 Retailer Sues Visa Over $13 Million "Fine" for Being Hacked
2013c.html#34 The United States is leaking 1TB of data daily to foreign countries
2013c.html#2 Legal Lessons from PATCO Fraud Case
2021p.html#28 Some interesting post about the importance of Security and what it means for the Mainframe
2012o.html#50 What will contactless payment do to security?
2012o.html#23 Does the IBM System z Mainframe rely on Security by Obscurity or is it Secure by Design?
2012o.html#0 history of Programming language and CPU in relation to each other
2012n.html#75 history of Programming language and CPU in relation to each other
2012n.html#67 history of Programming language and CPU in relation to each other
2012m.html#10 Does the IBM System z Mainframe rely on Security by Obscurity or is it Secure by Design
2012j.html#61 The Myth of Password Complexity & Frequent Change Rules
2012i.html#35 US Senate proposes national data breach notification act
2012g.html#11 There's Not an App for That: When Will Our Smartphones Be Recongized as Valid Forms of ID?
2012e.html#32 Visa, MasterCard warn of 'massive' security breach
2012e.html#31 PC industry is heading for more change
2012d.html#49 Do you know where all your sensitive data is located?
2012d.html#26 Can SSL Certificate Checking System Be Saved?
2012d.html#8 Time to pull the PIN!
2012b.html#94 public key, encryption and trust
2012b.html#71 Password shortcomings
2012b.html#36 RFC6507 Ellipitc Curve-Based Certificateless Signatures
2012b.html#10 Cloud apps placed well in the economic cycle
2012b.html#3 Why Threat Modelling fails in practice
2012.html#91 Has anyone successfully migrated off mainframes?
2012.html#65 Reject gmail
2011p.html#48 Hello?
2011o.html#13 Two-Factor Authentication - Hardware token or SMS OTP
2011o.html#1 Silicoin
2011n.html#47 PCI and the Insider Threat
2011n.html#15 Wicked Problems
2011n.html#7 Founders of SSL Call Game Over?
2011m.html#7 Selectric Typewriter--50th Anniversary
2011l.html#72 Selectric Typewriter--50th Anniversary
2011l.html#47 Does outsourcing cause data loss?
2011k.html#37 50th anniversary of BASIC, COBOL?
2011k.html#33 50th anniversary of BASIC, COBOL? (warning: unusually violentthread drift)
2011j.html#59 Why did the OODA-loop tactic grow into a strategy?
2011h.html#21 Eurofighter v F16
2011h.html#9 Breaches and Consumer Backlash
2011h.html#5 Home prices may drop another 25%, Shiller predicts
2011g.html#23 Fight Fraud with Device ID
2011g.html#18 Fight Fraud with Device ID
2011f.html#25 Fear the Internet, was Cool Things You Can Do in z/OS
2011f.html#14 How is SSL hopelessly broken? Let us count the ways
2011b.html#36 Internal Fraud and Dollar Losses
2011b.html#11 Credit cards with a proximity wifi chip can be as safe as walking around with your credit card number on a poster
2010p.html#40 The Great Cyberheist
2010p.html#25 CARD AUTHENTICATION TECHNOLOGY - Embedded keypad on Card - Is this the future
2010p.html#5 Fun with ATM Skimmers, Part III
2010p.html#3 The Credit Card Criminals Are Getting Crafty
2010p.html#0 CARD AUTHENTICATION TECHNOLOGY - Embedded keypad on Card - Is this the future
2010o.html#82 CARD AUTHENTICATION TECHNOLOGY - Embedded keypad on Card - Is this the future
2010o.html#77 The Credit Card Criminals Are Getting Crafty
2010o.html#67 CARD AUTHENTICATION TECHNOLOGY - Embedded keypad on Card - Is this the future
2010o.html#65 They always think we don't understand
2010o.html#56 The Credit Card Criminals Are Getting Crafty
2010o.html#54 The Credit Card Criminals Are Getting Crafty
2010o.html#51 The Credit Card Criminals Are Getting Crafty
2010o.html#50 The Credit Card Criminals Are Getting Crafty
2010o.html#49 The Credit Card Criminals Are Getting Crafty
2010o.html#46 The Credit Card Criminals Are Getting Crafty
2010o.html#36 Cookies Are Dead in the Fight Against Fraud
2010o.html#23 Spooky Myths that Trick Merchants When It Comes to Secure Payments Processes
2010o.html#9 On Scope Scrinkage in PCI DSS
2010n.html#72 When Merchants Get Rid Of Cardholder Data
2010n.html#52 Who are these people who think cybersecurity experts are crying wolf?
2010n.html#47 ZeuS attacks mobiles in bank SMS bypass scam
2010n.html#44 Who are these people who think cybersecurity experts are crying wolf?
2010n.html#28 Will new card innovation help interchange and improve retention?
2010n.html#25 Will new card innovation help interchange and improve retention?
2010n.html#23 Credit Card with a Computer Inside
2010n.html#5 Cyber criminals seek 'full' sets of credentials that trade for only a few pounds
2010n.html#4 zSecurity blog post - "READ is not benign"
2010n.html#1 zSecurity blog post - "READ is not benign"
2010m.html#65 How Safe Are Online Financial Transactions?
2010m.html#64 How Safe Are Online Financial Transactions?
2010m.html#57 Has there been a change in US banking regulations recently
2010m.html#56 About that "Mighty Fortress"... What's it look like?
2010m.html#38 U.K. bank hit by massive fraud from ZeuS-based botnet
2010m.html#31 Are we spending too little on security? Or are we spending too much??
2010m.html#30 AT&T, Verizon to Target Visa, MasterCard With Phones
2010m.html#29 Are we spending too little on security? Or are we spending too much??
2010m.html#19 AT&T, Verizon to Target Visa, MasterCard With Phones
2010m.html#7 GSM eavesdropping
2010m.html#6 Five Theses on Security Protocols
2010m.html#2 Five Theses on Security Protocols
2010l.html#82 Five Theses on Security Protocols
2010l.html#79 Five Theses on Security Protocols
2010l.html#72 A slight modification of my comments on PKI
2010l.html#71 A slight modification of my comments on PKI
2010l.html#70 A slight modification of my comments on PKI
2010l.html#59 A mighty fortress is our PKI
2010k.html#14 taking down the machine - z9 series
2010k.html#5 The Attacker's Advantage
2010j.html#0 Wal-Mart to support smartcard payments
2010i.html#62 blasts from the past -- old predictions come true
2010i.html#58 Cyber Self Defense: Reduce Your Attack Surface
2010i.html#25 Retailers blamed for making people vulnerable to credit card fraud and ID theft
2010h.html#69 Idiotic programming style edicts
2010h.html#54 Trust Facade
2010h.html#26 In SSL We Trust? Not Lately
2010h.html#25 In SSL We Trust? Not Lately
2010h.html#1 In SSL We Trust? Not Lately
2010g.html#84 In SSL We Trust? Not Lately
2010g.html#21 Should the USA Implement EMV?
2010f.html#92 Why do most websites use HTTPS only while logging you in...and not for the entire session?
2010f.html#75 Is Security a Curse for the Cloud Computing Industry?
2010f.html#56 Handling multicore CPUs; what the competition is thinking
2010f.html#26 Should the USA Implement EMV?
2010f.html#25 Should the USA Implement EMV?
2010f.html#19 Should the USA Implement EMV?
2010e.html#45 PCI tokenization push promising but premature, experts say
2010b.html#69 Happy DEC-10 Day
2010b.html#15 security and online banking
2010b.html#12 Korean bank Moves back to Mainframes (...no, not back)
2009s.html#47 Audits VII: the future of the Audit is in your hands
2009s.html#39 Six Months Later, MasterCard Softens a Controversial PCI Rule
2009r.html#55 Verizon report goes deep inside data breach investigations
2009r.html#29 Data Breaches Show PCI DSS Ineffective
2009r.html#19 Scammers scrape RAM for bank card data
2009r.html#16 70 Years of ATM Innovation
2009r.html#10 70 Years of ATM Innovation
2009q.html#75 Now is time for banks to replace core system according to Accenture
2009q.html#71 Trade Secrets and Confidential Information
2009q.html#54 Crypto dongles to secure online transactions
2009p.html#75 What's old is new again
2009p.html#72 Crypto dongles to secure online transactions
2009p.html#58 MasPar compiler and simulator
2009p.html#14 Heartland CIO is critical of First Data's credit card tokenization plan
2009o.html#66 Need for speedy cryptography
2009o.html#54 Should SSL be enabled on every website?
2009n.html#71 Sophisticated cybercrooks cracking bank security efforts
2009n.html#36 The Compliance Spectrum...Reducing PCI DSS Scope
2009n.html#26 Signature specification without certificates
2009n.html#7 Some companies are selling the idea that you can use just a (prox) physical access badge (single factor) for logical access as acceptable
2009n.html#4 Voltage SecureData Now Provides Distributed End-to-End Encryption of Sensitive Data
2009m.html#86 Voltage SecureData Now Provides Distributed End-to-End Encryption of Sensitive Data
2009m.html#51 Chip with PIN or Chip with signature
2009m.html#49 Hacker charges also an indictment on PCI, expert says
2009m.html#45 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009m.html#40 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009m.html#13 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009m.html#4 Hacker charges also an indictment on PCI, expert says
2009l.html#62 Client Certificate UI for Chrome? -- OT anonymous-transaction
2009l.html#53 Hacker charges also an indictment on PCI, expert says
2009l.html#50 Hacker charges also an indictment on PCI, expert says
2009l.html#6 Cyber attackers empty business accounts in minutes
2009k.html#77 Cyber attackers empty business accounts in minutes
2009k.html#60 The satate of software
2009k.html#54 The satate of software
2009k.html#25 Don't Take Fraud Out of Context
2009j.html#56 Replace the current antiquated credit card system
2009j.html#50 How can we stop Credit card FRAUD?
2009j.html#48 Replace the current antiquated credit card system
2009j.html#41 How can we stop Credit card FRAUD?
2009j.html#33 IBM touts encryption innovation
2009j.html#23 Database Servers: Candy For Hackers
2009j.html#20 Kaminsky interview: DNSSEC addresses cross-organizational trust and security
2009j.html#13 PCI SSC Seeks Input on Security Standards
2009j.html#11 Is anyone aware of a system that offers three layers of security and ID protection for online purchases or even over the counter POS purchases?
2009i.html#70 A Guide for Full Field Background Checks
2009i.html#53 Merchant Groups Ask for Broad Changes in Letter to PCI's Overseer
2009i.html#23 Why are z/OS people reluctant to use z/OS UNIX? (Are settlements a good argument for overnight batch COBOL ?)
2009i.html#14 Online Banking’s Innate Security Flaws
2009i.html#12 Latest Pilot Will Put Online PIN Debit to the Test for Credit Unions
2009h.html#69 How practically risky is it to use unsecured IMAP
2009h.html#8 Supercomputers and electronic commerce
2009g.html#64 What happened to X9.59?
2009g.html#63 New standard for encrypting card data in the works; backers include Heartland
2009g.html#62 Solving password problems one at a time, Re: The password-reset paradox
2009g.html#57 LexisNexis says its data was used by fraudsters
2009g.html#29 Transparency and Visibility
2009g.html#26 Architectural Diversity
2009g.html#23 Architectural Diversity
2009f.html#10 Top 10 Cybersecurity Threats for 2009, will they cause creation of highly-secure Corporate-wide Intranets?
2009f.html#67 Just posted third article about toxic assets in a series on the current financial crisi
2009f.html#46 Who moved my payment?
2009f.html#7 An interesting take on Verified by Visa Policy
2009e.html#21 ATMs At Risk
2009e.html#15 The background reasons of Credit Crunch
2009d.html#76 1960 Western Union Facsimile Services
2009d.html#69 PCI Compliance
2009d.html#47 Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?
2009d.html#41 Return of the Smart Card?
2009d.html#38 Internet threat: Hackers swarm bank accounts
2009d.html#6 Heartland Data Breach Update: Now More Than 150 Institutions Impacted
2009c.html#56 Why use RFID in personal documents & cards at all?
2009c.html#25 Crypto Craft Knowledge
2009b.html#62 Study: Data breaches continue to get more costly for businesses
2009b.html#50 Cellphones as Credit Cards? Americans Must Wait
2009b.html#29 is privacy a security attribute(component or ?). If yes, why? If no why not?
2009b.html#28 Online-Banking Authentication
2009b.html#14 question about ssh-keygen with empty passphrase
009b.html#13 US credit card payment house breaches by sniffing malware
2009b.html#6 US credit card payment house breached by sniffing malware
2009.html#78 Double authentification for internet payment
2009.html#62 IRS Mainframe Not Secure Enough
2009.html#60The 25 Most Dangerous Programming Errors
2009.html#34 Swedish police warn of tampered credit card terminals
2009.html#25 Wrong Instrument for Recurring Payments
2009.html#11 Swedish police warn of tampered credit card terminals
2009.html#10 Swedish police warn of tampered credit card terminals
2009.html#7 Swedish police warn of tampered credit card terminals
2008s.html#63 Garbage in, garbage out trampled by Moore's law
2008s.html#50 Perfect MITM Attacks With No-Check SSL
2008s.html#26 Combining EMV and eID on a payment card?
2008s.html#10 Data leakage - practical measures to improve Information Governance
2008s.html#1 PCI's Bob Russo: Data loss hurts brand more than a fine
2008r.html#53 21 million German bank account details on black market
2008r.html#23 What is the level of security in payment systems (credit and bank cards) nowadays?
2008r.html#2 Payment Card + Digital Signature
2008q.html#0 GPG
2008p.html#74 2008 Data Breaches: 30 Million and Counting
2008p.html#67 Web Security hasn't moved since 1995
2008p.html#55 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#46 Would you say high tech authentication gizmo's are a waste of time/money/effort?
2008p.html#44 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#38 How do group members think the US payments business will evolve over the next 3 years?
2008p.html#28 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#23 Your views on the increase in phishing crimes such as the recent problem French president Sarkozy faces
2008p.html#22 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#21 Would you say high tech authentication gizmo's are a waste of time/money/effort?
2008p.html#19 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#18 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#15 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#14 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#11 Can Smart Cards Reduce Payments Fraud and Identity Theft?
2008p.html#10 Strings story
2008p.html#7 Dealing with the neew MA ID protection law
2008p.html#5 Privacy, Identity theft, account fraud
2008p.html#2 Keeping private information private
2008o.html#76 Blinkenlights
2008o.html#70 What happened in security over the last 10 years?
2008o.html#60 Biometric Credit cards
2008o.html#47 Will cards with PayPass (from MasterCard) be using CHIP & PIN in the future?
2008o.html#22 What risk of possible data leakage do you see for your organization?
2008o.html#17 what will be a wow feature in a credit card
2008o.html#16 Is Information Security driven by compliance??
2008o.html#13 What risk of possible data leakage do you see for your organization?
2008o.html#2 Credit Card Security
2008n.html#90 Credit Card Security
2008n.html#75 Should online transactions be allowed on credit cards without adequate safeguards?
2008n.html#59 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#55 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#54 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#48 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008n.html#46 Mobile Payment/All-in-One Card
2008n.html#45 In your experience which is a superior debit card scheme - PIN based debit or signature debit?
2008m.html#72 What are security areas to be addressed before starting an e-commerce transaction or setting up a portal?
2008m.html#71 TJ Maxx - why are they still in business?
2008m.html#70 Why SSNs Are Not Appropriate for Authentication and when, where and why should you offer/use it?
2008m.html#66 With all the highly publicised data breeches and losses, are we all wasting our time?
2008m.html#56 With all the highly publicised data breeches and losses, are we all wasting our time?
2008m.html#55 With all the highly publicised data breeches and losses, are we all wasting our time?
2008m.html#0 Fraud due to stupid failure to test for negative
2008l.html#89 Fraud due to stupid failure to test for negative
2008l.html#52 Quality of IBM school clock systems?
2008l.html#52 Payments Security in RFS
2008l.html#33 Authentication in the e-tailer / payment gateway / customer triangle
2008l.html#31 Authentication in the e-tailer / payment gateway / customer triangle
2008k.html#40 Calling Out
2008j.html#55 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#45 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#43 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008j.html#34 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008i.html#83 Certificate Purpose
2008i.html#70 Next Generation Security
2008i.html#61 Could you please name sources of information you trust on RFID and/or other Wireless technologies?
2008i.html#55 Is data classification the right approach to pursue a risk based information security program?
2008i.html#42 "Security Breaches"
2008i.html#24 Credit Card Fraud
2008h.html#86 What mode of payment you could think of with the advent of time?
aadsm28.htm#75 Fun with Data Theft/Breach Numbers
aadsm28.htm#72 What are the current INNOVATIVE ICT Security Services, that are in demand or highly marketable at the moment
aadsm28.htm#64 Seeking expert on credit card fraud prevention - particularly CNP/online transactions
aadsm28.htm#59 Information Security Vs. Businesss Resilience
2008h.html#4 You won't guess who's the bad guy of ID theft
2008g.html#28 Hannaford case exposes holes in law, some say
2008g.html#27 Hannaford case exposes holes in law, some say
2008g.html#17 Hannaford breach illustrates dangerous compliance mentality
2008g.html#8 Hannaford case exposes holes in law, some say
2008f.html#44 Realistic dynamics of contactless
aadsm28.htm#42 Trojan with Everything, To Go!
aadsm28.htm#41 Trojan with Everything, To Go!
2008e.html#76 independent appraisers
2008e.html#66 independent appraisers
2008e.html#56 Any benefit to programming a RISC processor by hand?
aadsm28.htm#37 Attack on Brit retail payments -- some takeways
2008d.html#88 The hands-free way to steal a credit card
2008d.html#3 Govt demands password to personal computer
2008c.html#90 Toyota Sales for 2007 May Surpass GM
2008c.html#89 Toyota Sales for 2007 May Surpass GM
aadsm28.htm#26 Fixing SSL (was Re: Dutch Transport Card Broken)
aadsm28.htm#24 Fixing SSL (was Re: Dutch Transport Card Broken)
2008c.html#47 Data Erasure Products
aadsm28.htm#19 Lack of fraud reporting paths considered harmful
2008.html#67 File Transfer conundrum
aadsm28.htm#5 Why Security Modelling doesn't work -- the OODA loop of today's battle
2008.html#9 folklore indeed
2008.html#8 folklore indeed
2008.html#7 folklore indeed
2007v.html#94 folklore indeed
2007v.html#93 folklore indeed
2007v.html#87 Data Breaches Soar In 2007
2007v.html#86 folklore indeed
2007v.html#85 folklore indeed
2007v.html#79 folklore indeed
2007v.html#77 folklore indeed
aadsm28.htm#1 2008: The year of hack the vote?
2007v.html#74 folklore indeed
2007v.html#70 folklore indeed
2007v.html#60 Credit Card Details
2007u.html#76 folklore indeed
2007u.html#67 folklore indeed
2007u.html#10 Crypto Related Posts
2007t.html#61 Crypto Related Posts
2007t.html#28 'Man in the browser' is new threat to online banking
2007t.html#6 Translation of IBM Basic Assembler to C?
2007t.html#5 Translation of IBM Basic Assembler to C?
2007t.html#3 Translation of IBM Basic Assembler to C?
2007s.html#55 Translation of IBM Basic Assembler to C?
2007s.html#16 The new urgency to fix online privacy
2007s.html#6 ATMs
2007r.html#66 The new urgency to fix online privacy
2007r.html#63 Translation of IBM Basic Assembler to C?
2007r.html#61 The new urgency to fix online privacy
2007r.html#54 The new urgency to fix online privacy
20074.html#34 Is the media letting banks off the hook on payment card security
2007r.html#32 Is the media letting banks off the hook on payment card security
2007r.html#29 The new urgency to fix online privacy
2007r.html#26 The new urgency to fix online privacy
2007r.html#24 How to tell a fake SSL certificate from a real one
2007r.html#21 Is the media letting banks off the hook on payment card security
2007q.html#72 Value of SSL client certificates?
2007q.html#34 what does xp do when system is copying
2007q.html#11 what does xp do when system is copying
aadsm27.htm#60 Retailers try to push data responsibilities back to banks
2007o.html#0 The Unexpected Fact about the First Computer Programmer
2007n.html#85 PCI Compliance - Encryption of all non-console administrative access
aadsm27.htm#52 more on firing your MBA-less CSO
aadsm27.htm#51 Know Your Enemy: Scott McNeally on security theater
aadsm27.htm#50 If your CSO lacks an MBA, fire one of you
2007n.html#52 Windows Monitor or CUSP?
aadsm27.htm#37 The bank fraud blame game
aadsm27.htm#35 The bank fraud blame game
aadsm27.htm#34 The bank fraud blame game
aadsm27.htm#32 The bank fraud blame game
aadsm27.htm#31 The bank fraud blame game
2007n.html#9 John W. Backus, 82, Fortran developer, dies
2007n.html#8 nouns and adjectives
2007m.html#31 nouns and adjectives
2007m.html#27 nouns and adjectives
2007m.html#9 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#28 A crazy thought?
aadsm27.htm#26 A crazy thought?
2007l.html#70 nouns and adjectives
aadsm27.htm#23 Identity resurges as a debate topic
2007l.html#48 My Dream PC -- Chip-Based
2007l.html#41 My Dream PC -- Chip-Based
2007l.html#39 My Dream PC -- Chip-Based
2007l.html#35 My Dream PC -- Chip-Based
2007l.html#16 John W. Backus, 82, Fortran developer, dies
2007l.html#8 John W. Backus, 82, Fortran developer, dies
2007k.html#76 My Dream PC -- Chip-Based
aadsm27.htm#15 307 digit number factored
2007k.html#55 My Dream PC -- Chip-Based
2007k.html#53 My Dream PC -- Chip-Based
2007j.html#67 open source voting
aadsm27.htm#1 H6.2 Most Standardised Security Protocols are Too Heavy
aadsm27.htm#0 H6.2 Most Standardised Security Protocols are Too Heavy
aadsm26.htm#70 WSJ: Soft evidence on a crypto-related breach
aadsm26.htm#66 More Tipping Point evidence - POS vendors sued
2007i.html#74 public key password authentication
2007i.html#66 John W. Backus, 82, Fortran developer, dies
2007i.html#65 John W. Backus, 82, Fortran developer, dies
2007i.html#64 John W. Backus, 82, Fortran developer, dies
2007i.html#55 John W. Backus, 82, Fortran developer, dies
2007i.html#23 John W. Backus, 82, Fortran developer, dies
2007i.html#17 John W. Backus, 82, Fortran developer, dies
2007h.html#63 T.J. Maxx data theft worse than first reported
aadsm26.htm#61 crypto component services - is there a market?
2007h.html#58 T.J. Maxx data theft worse than first reported
2007h.html#37 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#36 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#27 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#22 sizeof() was': The Perfect Computer - 36 bits?
aadsm26.htm#55 The One True Identity -- cracks being examined, filled, and rotted out from the inside
aadsm26.htm#51 The One True Identity -- cracks being examined, filled, and rotted out from the inside
aadsm26.htm#48 Governance of anonymous financial services
2007g.html#30 T.J. Maxx data theft worse than first reported
aadsm26.htm#44 Governance of anonymous financial services
2007g.html#19 T.J. Maxx data theft worse than first reported
2007g.html#15 T.J. Maxx data theft worse than first reported
aadsm26.htm#43 Cost of an identity
aadsm26.htm#42 "Dilemmas of Privacy and Surveillance" report launched
2007f.html#75 Securing financial transactions a high priority for 2007
2007f.html#31 Is that secure : <form action="https" from a local HTML page ?
2007f.html#8 Securing financial transactions a high priority for 2007
2007e.html#61 Securing financial transactions a high priority for 2007
2007e.html#26 Securing financial transactions a high priority for 2007
2007e.html#12 Securing financial transactions a high priority for 2007
2007d.html#70 Securing financial transactions a high priority for 2007
2007d.html#57 Which is the Fastest (Secure) Way to Exchange 256-bit Keys?
aadsm26.htm#36 New Credit Cards May Leak Personal Information
2007d.html#37 MAC and SSL
2007d.html#34 Mixed Case Password on z/OS 1.7 and ACF 2 Version 8
aadsm26.htm#34 Failure of PKI in messaging
aadsm26.htm#29 News.com: IBM donates new privacy tool to open-source Higgins
aadsm26.htm#27 man in the middle, SSL ... addenda
aadsm26.htm#25 EV - what was the reason, again?
2007d.html#12 One Time Identification, a request for comments/testing
2007d.html#11 Securing financial transactions a high priority for 2007
2007d.html#10 The logic of privacy
aadsm26.htm#24 News.com: IBM donates new privacy tool to open-source Higgins
2007c.html#51 Securing financial transactions a high priority for 2007
2007c.html#46 Securing financial transactions a high priority for 2007
2007c.html#44 Securing financial transactions a high priority for 2007
2007c.html#43 Securing financial transactions a high priority for 2007
2007c.html#37 Securing financial transactions a high priority for 2007
2007c.html#36 Securing financial transactions a high priority for 2007
2007c.html#35 Securing financial transactions a high priority for 2007
2007b.html#61 Securing financial transactions a high priority for 2007
2007b.html#60 Securing financial transactions a high priority for 2007
2007b.html#12 Special characters in passwords was Re: RACF - Password rules
aadsm26.htm#20 Tamperproof, yet playing Tetris
2007.html#42 The logic of privacy
aadsm26.htm#18 SSL (https, really) accelerators for Linux/Apache?
2007.html#28 Securing financial transactions a high priority for 2007
2007.html#17 SSL info
2007.html#0 Securing financial transactions a high priority for 2007
2006y.html#25 "The Elements of Programming Style"
2006y.html#7 Securing financial transactions a high priority for 2007
2006w.html#36 What does a patent do that copyright does not?
2006w.html#5 Patent buster for a method that increases password security
2006v.html#49 Patent buster for a method that increases password security
2006v.html#42 On sci.crypt: New attacks on the financial PIN processing
2006v.html#39 On sci.crypt: New attacks on the financial PIN processing
2006v.html#26 Fighting Fraudulent Transactions
2006v.html#13 Who has a Core Competency in Security?
aadsm26.htm#8 What is the point of encrypting information that is publicly visible?
2006v.html#2 New attacks on the financial PIN processing
aadsm26.htm#6 Citibank e-mail looks phishy
aadsm26.htm#5 ATMs hacked using MP3 player
2006u.html#43 New attacks on the financial PIN processing
2006t.html#40 Encryption and authentication
2006t.html#5 Are there more stupid people in IT than there used to be?
aadsm25.htm#41 Why security training is really important (and it ain't anything to do with security!)
aadsm25.htm#38 How the Classical Scholars dropped security from the canon of Computer Science
aadsm25.htm#33 Mozilla moves on security
2006q.html#47 Smartcard reader with certificate inside the reader
aadsm25.htm#27 A note on vendor reaction speed to the e=3 problem
2006p.html#8 SSL, Apache 2 and RSA key sizes
aadsm25.htm#21 Identity v. anonymity -- that is not the question
aadsm25.htm#20 Identity v. anonymity -- that is not the question
aadsm25.htm#18 Fraudwatch - Chip&PIN one-sided story, banks and deception and liability shifts
aadsm25.htm#16 Fraudwatch - Chip&PIN one-sided story, banks and deception and liability shifts
2006o.html#40 the personal data theft pandemic continues
2006o.html#37 the personal data theft pandemic continues
2006o.html#35 the personal data theft pandemic continues
aadsm25.htm#13 Sarbanes-Oxley is what you get when you don't do FC
2006o.html#17 Gen 2 EPC Protocol Approved as ISO 18000-6C
2006o.html#16 Gen 2 EPC Protocol Approved as ISO 18000-6C
aadsm24.htm#52 Crypto to defend chip IP: snake oil or good idea?
aadsm24.htm#48 more on FBI plans new Net-tapping push
2006n.html#40 Identity Management Best Practices
aadsm24.htm#38 Interesting bit of a quote
aadsm24.htm#32 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#31 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#30 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#29 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#28 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#27 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#26 Naked Payments IV - let's all go naked
aadsm24.htm#23 Use of TPM chip for RNG?
aadsm24.htm#22 Naked Payments IV - let's all go naked
aadsm24.htm#10 Naked Payments IV - let's all go naked
2006m.html#15 OpenSSL Hacks
aadsm24.htm#8 Microsoft - will they bungle the security game?
aadsm24.htm#7 Naked Payments IV - let's all go naked
aadsm24.htm#5 New ISO standard aims to ensure the security of financial transactions on the Internet
aadsm24.htm#2 UK Banks Expected To Move To DDA EMV Cards
aadsm24.htm#1 UK Detects Chip-And-PIN Security Flaw
aadsm23.htm#56 UK Detects Chip-And-PIN Security Flaw
aadsm23.htm#54 Status of SRP
aadsm23.htm#51 Status of opportunistic encryption
aadsm23.htm#49 Status of SRP
2006k.html#23 Value of an old IBM PS/2 CL57 SX Laptop
2006k.html#19 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006k.html#17 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006k.html#5 Value of an old IBM PS/2 CL57 SX Laptop
2006k.html#4 Passwords for bank sites - change or not?
aadsm23.htm#34 Chip-and-Pin terminals were replaced by "repairworkers"?
aadsm23.htm#32 Chip-and-Pin terminals were replaced by "repairworkers"?
2006i.html#13 Multi-layered PKI implementation
aadsm23.htm#19 Petrol firm suspends chip-and-pin
aadsm23.htm#15 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
aadsm23.htm#12 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#11 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#9 PGP "master keys"
2006h.html#26 Security
aadsm23.htm#2 News and Views - Mozo, Elliptics, eBay + fraud, naive use of TLS and/or tokens
2006g.html#40 Why are smart cards so dumb?
aadsm23.htm#1 RSA Adaptive Authentication
aadsm22.htm#45 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
2006f.html#35 X.509 and ssh
2006f.html#34 X.509 and ssh
aadsm22.htm#40 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#39 FraudWatch - Chip&Pin, a new tenner (USD10)
2006f.html#16 trusted repositories and trusted transactions
aadsm22.htm#33 Meccano Trojans coming to a desktop near you
2006e.html#44 Does the Data Protection Act of 2005 Make Sense
aadsm22.htm#23 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#22 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#21 FraudWatch - Chip&Pin, a new tenner (USD10)
aadsm22.htm#20 FraudWatch - Chip&Pin, a new tenner (USD10)
2006d.html#37 transputers again was Re: The demise of Commodore
2006d.html#31 Caller ID "spoofing"
2006d.html#26 Caller ID "spoofing"
2006d.html#25 Caller ID "spoofing"
2006c.html#35 X.509 and ssh
aadsm22.htm#5 long-term GPG signing key
aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#1 GP4.3 - Growth and Fraud - Case #3 - Phishing
2005v.html#3 ABN Tape - Found
2005v.html#2 ABN Tape - Found
aadsm21.htm#41 X.509 / PKI, PGP, and IBE Secure Email Technologies
2005u.html#33 PGP Lame question
2005u.html#31 AMD to leave x86 behind?
aadsm21.htm#35 [Clips] Banks Seek Better Online-Security Tools
aadsm21.htm#34 X.509 / PKI, PGP, and IBE Secure Email Technologies
2005u.html#8 PGP Lame question
2005u.html#3 PGP Lame question
2005u.html#1 PGP Lame question
2005t.html#52 PGP Lame question
2005t.html#34 RSA SecurID product
2005t.html#9 phishing web sites using self-signed certs
2005t.html#6 phishing web sites using self-signed certs
aadsm21.htm#19 mixing authentication and identification?
aadsm21.htm#18 'Virtual Card' Offers Online Security Blanket
aadsm21.htm#13 Contactless payments and the security challenges
aadsm21.htm#3 Is there any future for smartcards?
aadsm21.htm#2 Another entry in the internet security hall of shame
2005o.html#6 X509 digital certificate for offline solution
2005m.html#53 Barcode Email
aadsm20.htm#20 ID "theft" -- so what?
2005m.html#42 public key authentication
aadsm20.htm#18 the limits of crypto and authentication
aadsm20.htm#17 the limits of crypto and authentication
aadsm20.htm#11 the limits of crypto and authentication
aadsm20.htm#5 the limits of crypto and authentication
aadsm20.htm#4 the limits of crypto and authentication
aadsm20.htm#1 Keeping an eye on ATM fraud
aadsm19.htm#49 Why Blockbuster looks at your ID
aadsm19.htm#48 Why Blockbuster looks at your ID
aadsm19.htm#47 the limits of crypto and authentication
aadsm19.htm#46 the limits of crypto and authentication
aadsm19.htm#45 payment system fraud, etc
2005l.html#37 More Phishing scams, still no SSL being used
2005l.html#36 More Phishing scams, still no SSL being used
2005l.html#22 The Worth of Verisign's Brand
2005l.html#17 The Worth of Verisign's Brand
aadsm19.htm#44 massive data theft at MasterCard processor
aadsm19.htm#40 massive data theft at MasterCard processor
aadsm19.htm#39 massive data theft at MasterCard processor
aadsm19.htm#38 massive data theft at MasterCard processor
2005k.html#55 Encryption Everywhere? (Was: Re: Ho boy! Another big one!)
2005k.html#26 More on garbage
aadsm19.htm#35 de-identification
aadsm19.htm#17 What happened with the session fixation bug?
2005i.html#36 Improving Authentication on the Internet
2005i.html#34 The Worth of Verisign's Brand
aadsm19.htm#14 To live in interesting times - open Identity systems
2005i.html#4 Authentication - Server Challenge
2005.html#14 Using smart cards for signing and authorization in applets
aadsm18.htm#39 Financial identity is *dangerous*? (was re: Fake companies, real money)
aadsm18.htm#32 EMV cards as identity cards
aadsm18.htm#31 EMV cards as identity cards
aadsm18.htm#29 EMV cards as identity cards
aadsm18.htm#28 x9.99 privacy note
aadsm18.htm#27 EMV cards as identity cards
aadsm18.htm#22 [anonsec] Re: potential new IETF WG on anonymous IPSec
2004i.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#4 New Method for Authenticated Public Key Exchange without Digital Certificates
aadsm18.htm#6 dual-use digital signature vulnerability
aadsm17.htm#53 Using crypto against Phishing, Spoofing and Spamming
aadsm17.htm#51 authentication and authorization
aadsm17.htm#50 authentication and authorization (was: Question on the state of the security industry)
aadsm17.htm#47 authentication and authorization ... addenda
aadsm17.htm#40 The future of security
2004e.html#9 Authentification classifications
aadsm17.htm#25 Single Identity. Was: PKI International Consortium m
aadsm17.htm#24 Privacy, personally identifiable information, identity theft
aadsm17.htm#23 PKI International Consortium
aadsm17.htm#21 Identity (was PKI International Consortium)
aadsm17.htm#20 PKI International Consortium
aadsm17.htm#18 PKI International Consortium
aadsm17.htm#13 A combined EMV and ID card
aadsm17.htm#12 A combined EMV and ID card
2004b.html#50 The SOB that helped IT jobs move to India is dead!
2004b.html#25 Who is the most likely to use PK?
aadsm17.htm#4 Difference between TCPA-Hardware and a smart card (was: examp le: secure computing kernel needed)
aadsm17.htm#2 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
aadsm17.htm#1 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
2003p.html#17 Does OTP need authentication?
2003o.html#18 Database design and confidential data protection
2003o.html#12 Database design and confidential data protection
aadsm15.htm#40 FAQ: e-Signatures and Payments
aadsm15.htm#21 Simple SSL/TLS - Some Questions
aepay12.htm#22 some X9.59 (and little FSTC) ... from crypto mailing list ... fyi
aadsm15.htm#6 x9.59
aadsm15.htm#2 Is cryptography where security took the wrong branch?
aepay12.htm#10 Feds Want Banks to Warn of ID Theft
aepay12.htm#9 New privacy rules could mean headaches for financial services IT
aadsm14.htm#54 Draft E-Authentication Policy for Federal Agencies
aadsm14.htm#49 replay & integrity
aepay12.htm#5 Law aims to reduce identity theft
aepay12.htm#4 Confusing business process, payment, authentication and identification
aepay12.htm#2 Confusing business process, payment, authentication and identification
aepay12.htm#0 Four Corner model. Was: Confusing Authentication and Identiification? (addenda)
aepay11.htm#73 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)
aepay11.htm#72 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)
aepay11.htm#67 Confusing Authentication and Identiification?
aepay11.htm#66 Confusing Authentication and Identiification?
aepay11.htm#62 HIPAA, privacy, identity theft (addenda
aepay11.htm#61 HIPAA, privacy, identity theft
aadsm14.htm#41 certificates & the alternative view
aadsm14.htm#40 The real problem that https has conspicuously failed to fix
aepay11.htm#53 Authentication white paper
aadsm14.htm#30 Maybe It's Snake Oil All the Way Down
aadsm14.htm#28 Maybe It's Snake Oil All the Way Down
2003h.html#29 application of unique signature
aadsm14.htm#10 Microsoft Identity Server Prepped For Windows Server 2003
aepay11.htm#50 Concern Grows About ID Theft
aepay11.htm#49 A More Anonymous Internet
aepay11.htm#40 ID theft costs banks $1 billion a year
aadsm14.htm#4 Who's afraid of Mallory Wolf?
aeapy11.htm#37 Who's afraid of Mallory Wolf?
aadsm14.htm#1 Who's afraid of Mallory Wolf?
aepay11.htm#31 Privacy again a hot-button issue for legistlators
aepay11.htm#28 Solving the problem of micropayments
aepay11.htm#27 Solving the problem of micropayments
aepay11.htm#14 More Identity Theft ... Security Stands in Line Behind Other Priorities
2003b.html#65 Storing digital IDs on token for use with Outlook
aepay11.htm#13 Microsoft Fixes Passport to Meet EU Privacy Rules
aepay11.htm#2 Sun releases Liberty-enabled software
aepay11.htm#1 Sun releases Liberty-enabled software
aepay11.htm#0 identity, fingerprint, from comp.risks
aepay10.html#74 Invisible Ink, E-signatures slow to broadly catch on (addenda)
aepay10.html#73 Invisible Ink, E-signatures slow to broadly catch on
aepay10.html#72 Invisible Ink, E-signatures slow to broadly catch on
aepay10.htm#71 Invisible Ink, E-signatures slow to broadly catch on
2002p.html#50 Cirtificate Authorities 'CAs', how curruptable are they to
aepay10.htm#65 eBay Customers Targetted by Credit Card Scam
aepay10.htm#62 VeriSign unveils new online identity verification services
aadsm12.htm#55 TTPs & AADS (part II)
aadsm12.htm#54 TTPs & AADS Was: First Data Unit Says It's Untangling Authentication
aadsm12.htm#52 First Data Unit Says It's Untangling Authentication
2002p.html#22 Cirtificate Authorities 'CAs', how curruptable are they to
aepay10.htm#61 First Data Unit Says It's Untangling Authentication
aadsm12.htm#51 Frist Data Unit Says It's Untangling Authentication
aadsm12.htm#50 Frist Data Unit Says It's Untangling Authentication
aepay10.htm#60 First Data Unit Says It's Untangling Authentication
aadsm12.htm#44 Identity Theft More Often an Inside Job
2002o.html#67 smartcard+fingerprint
2002o.html#62 Certificate Authority: Industry vs. Government
2002o.html#57 Certificate Authority: Industry vs. Government
2002o.html#56 Certificate Authority: Industry vs. Government
aadsm12.htm#39 Identification = Payment Transaction?
aepay10.html#55 Meeting to mull privacy standard's next step
aadsm12.htm#38 Legal entities who sign
aadsm12.htm#37 Legal entities who sign
2002n.html#30 Help! Good protocol for national ID card?
2002n.html#13 Help! Good protocol for national ID card?
aadsm12.htm#32 Employee Certificates - Security Issues
2002m.html#55 Beware, Intel to embed digital certificates in Banias
2002m.html#53 Authentication of others is a privilege, not a right
aepay10.htm#46 x9.73 Cryptographic Message Syntax
2002m.html#38 Convenient and secure eCommerce using POWF
2002m.html#17 A new e-commerce security proposal
2002l.html#35 Cryptography
2002j.html#18 Symmetric-Key Credit Card Protocol on Web Site
aadsm12.htm#4 3D-Secure and Passport
aadsm11.htm#45 Giuliani: ID cards won't curb freedoms
aadsm11.htm#28 Proposal: A replacement for 3D Secure
aadsm11.htm#17 Alternative to Microsoft Passport: Sunshine vs Hai
aadsm11.htm#6 Meaning of Non-repudiation
aadsm11.htm#6 Meaning of Non-repudiation
2002f.html#34 Security and e-commerce
2002f.html#32 Biometric Encryption: the solution for network intruders?
aadsm10.htm#anonpay Crypto Winter (Re: Looking back ten years: Another Cypherpunks failure)
aadsm10.htm#hackhome2 Hackers Targeting Home Computers
aadsm10.htm#hackhome Hackers Targeting Home Computers
aadsm9.htm#cfppki4 CFP: PKI research workshop
aadsm9.htm#cfppki3 CFP: PKI research workshop
aadsm9.htm#cfppki2 CFP: PKI research workshop
aadsm9.htm#cfppki CFP: PKI research workshop
aadsm9.htm#privacy Seeking Privacy Online, Even as Security Tightens
aepay7.htm#edsecure4 3D Secure Vulnerabilities? Photo ID's and Payment Infrastructure
aadsm7.htm#cryptofree Erst-Freedom: Sic Semper Political Cryptography
aepay7.htm#liberty Network Identity Alliance -- Liberty Alliance Project
aadsm6.htm#terror10 Did Encryption Empower These Terrorists?
aadsm6.htm#terror9 Did Encryption Empower These Terrorists?
aadsm6.htm#terror7 Did Encryption Empower These Terrorists?
aadsm6.htm#terror Did Encryption Empower These Terrorists?
aadsm6.htm#terror Did Encryption Empower These Terrorists?
2001j.html#9 E-commerce security????
2001i.html#53 Credit Card # encryption
2001i.html#9 Net banking, is it safe???
aepay7.htm#netbank net banking, is it safe?? ... power to the consumer
2001h.html#58 Net banking, is it safe???
2001h.html#53 Net banking, is it safe???
2001g.html#68 PKI/Digital signature doesn't work
2001g.html#65 PKI/Digital signature doesn't work
aepay7.htm#nonrep6non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep5non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep4non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep3non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep2non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep1non-repudiation, was Re: crypto flaw in secure mail standards
aepay7.htm#nonrep0non-repudiation, was Re: crypto flaw in secure mail standards
2001g.html#12 FREE X.509 Certificates
2001g.html#11 FREE X.509 Certificates
2001g.html#1 distributed authentication
2001g.html#0 FREE X.509 Certificates
2001f.html#79 FREE X.509 Certificates
2001f.html#77 FREE X.509 Certificates
aepay6.htm#itheft "Gurard against Identity Theft" (arrived in the post today)
aepay6.htm#userauth2 MS masters NC mind-set (authentication is the key)
aepay6.htm#dspki4 use of digital signatures and PKI (addenda)
aepay6.htm#pkimort2 problem with the death of X.509 PKI (forwarded)
aepay6.htm#dspki3 use of digital signatures and PKI (addenda)
aepay6.htm#dspki2 use of digital signatures and PKI
aadsm5.htm#pkimort PKI: Evolve or Die
aadsm5.htm#liex509 Lie in X.BlaBla
2001f.html#31 Remove the name from credit cards!
2001f.html#24 Question about credit card number
2001f.html#15 Medical data confidentiality on network comms
2001e.html#36 Can I create my own SSL key?
2001e.html#35 Can I create my own SSL key?
2001e.html#33 Can I create my own SSL key?
2001e.html#26 Can I create my own SSL key?
2001d.html#41 solicit advice on purchase of digital certificate
2001d.html#19 [Newbie] Authentication vs. Authorisation?
2001d.html#8 Invalid certificate on 'security' site
2001d.html#7 Invalid certificate on 'security' site
2001c.html#72 PKI and Non-repudiation practicalities
2001c.html#58 PKI and Non-repudiation practicalities
2001c.html#57 PKI and Non-repudiation practicalities
2001c.html#56 PKI and Non-repudiation practicalities
2001c.html#42 PKI and Non-repudiation practicalities
2001b.html#85 what makes a cpu fast
2001b.html#14 IBM's announcement on RVAs
2001.html#73 how old are you guys
2001.html#67 future trends in asymmetric cryptography
2000g.html#34 does CA need the proof of acceptance of key binding?
2000g.html#33 does CA need the proof of acceptance of key binding?
2000g.html#5 e-commerce: Storing Credit Card numbers safely
2000f.html#72 SET; was Re: Why trust root CAs?
2000c.html#26 The first "internet" companies?
2000b.html#90 Question regarding authentication implementation
2000b.html#53 Digital Certificates-Healthcare Setting
2000b.html#40 general questions on SSL certificates
2000.html#60 RealNames hacked. Firewall issues
2000.html#36 "Trusted" CA - Oxymoron?
99.html#229 Digital Signature on SmartCards
99.html#228 Attacks on a PKI
99.html#224 X9.59/AADS announcement at BAI this week
99.html#217 AADS/X9.59 demo & standards at BAI (world-wide retail banking) show
99.html#216 Ask about Certification-less Public Key
99.html#189 Internet Credit Card Security
99.html#171 checks (was S/390 on PowerPC?)
99.html#165 checks (was S/390 on PowerPC?)
98.html#48 X9.59 & AADS
98.html#41 AADS, X9.59, & privacy
98.html#0 Account Authority Digital Signature model
ansiepay.htm#scaads X9.59 related press release at smartcard forum
ansiepay.htm#theorySecurity breach raises questions about Internet shopping
ansiepay.htm#x959bai X9.59/AADS announcement at BAI
ansiepay.htm#privacy more on privacy
aepay6.htm#dsdebate Digital Signatures Spark Debate
aepay6.htm#harvest2shared-secrets, CC#, & harvesting CC#
aepay5.htm#pkiillfit Some PKI references from yesterday's SlashDot
aepay4.htm#privis privacy issues
aepay3.htm#smrtcrd Smart Cards with Chips encouraged ... fyi
aepay3.htm#x959risk2 Risk Management in AA / draft X9.59
aepay3.htm#privacy misc. privacy
aepay3.htm#gap2 [ISN] Card numbers, other details easily available at online stores
aepay3.htm#votec (my) long winded observations regarding X9.59 & XML, encryption and certificates
aepay3.htm#riskm The Thread Between Risk Management and Information Security
aepay2.htm#privrule3 U.S. firms gird for privacy rules
aepay2.htm#privrule2 U.S. firms gird for privacy rules
aepay2.htm#privrules U.S. firms gird for privacy rules
aepay2.htm#morepriv [E-CARM] AADS, x9.59, & privacy
aepay2.htm#aadspriv Account Authority Digital Signatures ... in support of x9.59
aadsmail.htm#vbank Statistical Attack Against Virtual Banks (fwd)
aadsmail.htm#mfraud AADS, X9.59, security, flaws, privacy
aadsm5.htm#shock2 revised Shocking Truth about Digital Signatures
aadsm5.htm#shock revised Shocking Truth about Digital Signatures
aadsm5.htm#xmlvch implementations of "XML Voucher: Generic Voucher Language"?
aadsm5.htm#x959 X9.59 Electronic Payment Standard
aadsm4.htm#9 Thin PKI won - You lost
aadsm2.htm#straw AADS Strawman
aadsm2.htm#stall EU digital signature initiative stalled
aadsm2.htm#mauthauth Human Nature
aadsm2.htm#privacy Identification and Privacy are not Antinomies
aadsm2.htm#anon anonymity in current infrastructure

top, by subject: technology, networking, public key, integrity, Boyd - home


Misc. Relying Party Certificates

2010l.html#58 A mighty fortress is our PKI
2010b.html#69 Happy DEC-10 Day
2009l.html#62 Client Certificate UI for Chrome? -- OT anonymous-transaction
2009k.html#72 Client Certificate UI for Chrome?
2008i.html#93 Certificate Purpose
aadsm28.htm#48 World's biggest PKI goes open source: DogTag is released
aadsm28.htm#20 Fixing SSL (was Re: Dutch Transport Card Broken)
2007s.html#51 Translation of IBM Basic Assembler to C?
2007r.html#26 The new urgency to fix online privacy
2007q.html#72 Value of SSL client certificates?
2007q.html#24 what does xp do when system is copying
2007q.html#5 Windows Live vs Kerberos
aadsm27.htm#52 more on firing your MBA-less CSO
aadsm27.htm#51 Know Your Enemy: Scott McNeally on security theater
2007n.html#63 Poll: oldest computer thing you still use
2007n.html#46 Windows Monitor or CUSP?
aadsm27.htm#35 The bank fraud blame game
aadsm27.htm#26 A crazy thought?
aadsm27.htm#23 Identity resurges as a debate topic
2007l.html#9 John W. Backus, 82, Fortran developer, dies
2007k.html#79 John W. Backus, 82, Fortran developer, dies
aadsm26.htm#61 crypto component services - is there a market?
2007h.html#20 sizeof() was: The Perfect Computer - 36 bits?
aadsm26.htm#27 man in the middle, SSL ... addenda
2007d.html#10 The logic of privacy
aadsm26.htm#24 News.com: IBM donates new privacy tool to open-source Higgins
2007b.html#61 Securing financial transactions a high priority for 2007
2007.html#34 SSL info
2007.html#17 SSL info
2007.html#15 SSL info
2006y.html#13 Your data private? Access all areas is on the cards
2006v.html#49 Patent buster for a method that increases password security
aadsm25.htm#46 Flaw exploited in RFID-enabled passports
aadsm25.htm#32 On-card displays
aadsm25.htm#20 Identity v. anonymity -- that is not the question
aadsm23.htm#51 Status of opportunistic encryption
aadsm23.htm#29 JIBC April 2006 - "Security Revisionism"
2006i.html#13 Multi-layered PKI implementation
2006i.html#13 Multi-layered PKI implementation
aadsm23.htm#14 Shifting the Burden - legal tactics from the contracts world
2006f.html#31 X.509 and ssh
2006f.html#29 X.509 and ssh
2006f.html#16 trusted repositories and trusted transactions
2006f.html#15 trusted certificates and trusted repositories
2006e.html#8 Beginner's Pubkey Crypto Question
2006c.html#34 X.509 and ssh
2006b.html#37 X.509 and ssh
aadsm22.htm#3 GP4.3 - Growth and Fraud - Case #3 - Phishing
2005u.html#19 Identity and Access Management (IAM)
2005t.html#52 PGP Lame question
2005t.html#32 RSA SecurID product
2005t.html#6 phishing web sites using self-signed certs
2005s.html#52 TTP and KCM
2005s.html#43 P2P Authentication
2005r.html#54 NEW USA FFIES Guidance
2005q.html#23 Logon with Digital Siganture (PKI/OCES - or what else they're called)
2005q.html#13 IPSEC with non-domain Server
aadsm21.htm#2 Another entry in the internet security hall of shame
aadsm20.htm#42 Another entry in the internet security hall of shame
aadsm20.htm#40 Another entry in the internet security hall of shame
aadsm20.htm#39 Another entry in the internet security hall of shame
aadsm20.htm#38 Another entry in the internet security hall of shame
2005o.html#41 Certificate Authority of a secured P2P network
2005o.html#31 Is symmetric key distribution equivalent to symmetric key generation?
aadsm20.htm#32 How many wrongs do you need to make a right?
2005o.html#2 X509 digital certificate for offline solution
2005n.html#51 IPSEC and user vs machine authentication
2005n.html#39 Uploading to Asimov
2005n.html#33 X509 digital certificate for offline solution
aadsm20.htm#11 the limits of crypto and authentication
2005m.html#15 Course 2821; how this will help for CISSP exam ?
aadsm20.htm#5 the limits of crypto and authentication
aadsm20.htm#0 the limits of crypto and authentication
aadsm19.htm#45 payment system fraud, etc
2005l.html#35 More Phishing scams, still no SSL being used
2005l.html#33 More Phishing scams, still no SSL being used
2005l.html#29 Importing CA certificate to smartcard
2005l.html#25 PKI Crypto and VSAM RLS
2005l.html#12 The Worth of Verisign's Brand
2005l.html#7 Signing and bundling data using certificates
2005k.html#60 The Worth of Verisign's Brand
aadsm19.htm#40 massive data theft at MasterCard processor
aadsm19.htm#33 Digital signatures have a big problem with meaning
2005i.html#7 Improving Authentication on the Internet
2005i.html#4 Authentication - Server Challenge
aadsm19.htm#11 EuroPKI 2005 - Call for Participation
2005h.html#27 How do you get the chain of certificates & public keys securely
2005h.html#25 couple more Q's on basic public key encryption techniques
2005g.html#45 Maximum RAM and ROM for smartcards
2005f.html#62 single-signon with X.509 certificates
aadsm19.htm#8 GeoTrust says existing PKI practices are worthless
2005e.html#45 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005e.html#38 xml-security vs. native security
2005e.html#22 PKI: the end
aadsm18.htm#55 MD5 collision in X509 certificates
2005c.html#52 A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)
2004m.html#23 Help! I'm trying to understand PKI - especially CA's role
2004m.html#4 REVIEW: "Biometrics for Network Security", Paul Reid
aadsm18.htm#31 EMV cards as identity cards
aadsm18.htm#29 EMV cards as identity cards
aadsm18.htm#27 EMV cards as identity cards
2004j.html#8 New Method for Authenticated Public Key Exchange without Digita Certificates
2004j.html#7 New Method for Authenticated Public Key Exchange without Digital Certificates
aadsm18.htm#7 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#5 Using crypto against Phishing, Spoofing and Spamming
2004h.html#14Two-factor Authentication Options?
2004h.html#13Two-factor Authentication Options?
aadsm17.htm#53 Using crypto against Phishing, Spoofing and Spamming
aadsm17.htm#41 Yahoo releases internet standard draft for using DNS as public key server
2004g.html#5 Adding Certificates
2004f.html#13 racf
aadsm17.htm#34 The future of security
2004e.html#20 Soft signatures
aadsm17.htm#27 Re:Identity Firewall. l PKI International Consortium
aadsm17.htm#26 privacy, authentication, identification, authorization
aadsm17.htm#23 PKI International Consortium
aadsm17.htm#19 PKI International Consortium
aadsm17.htm#18 PKI International Consortium
aadsm17.htm#16 PKI International Consortium
2004d.html#7 Digital Signature Standards
aadsm17.htm#12 A combined EMV and ID card
2004b.html#25 Who is the most likely to use PK?
aadsm17.htm#9 Setting X.509 Policy Data in IE, IIS, Outlook
aadsm16.htm#21 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
aadsm16.htm#16 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
2003p.html#17 Does OTP need authentication?
aadsm15.htm#33 VS: On-line signature standards
2003m.html#49 public key vs passwd authentication?
2003l.html#33 RSA vs AES
2003k.html#66 Digital signature and Digital Certificate
aadsm14.htm#48 basic question: semantics of "map", "tie", etc in PKI
aepay11.htm#71 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)
aepay11.htm#68 Confusing Authentication and Identiification?
2003i.html#1Two-factor authentication with SSH?
aadsm14.htm#20 Payments as an answer to spam (addenda)
2002p.html#21 Cirtificate Authorities 'CAs', how curruptable are they to
aadsm12.htm#54 TTPs & AADS Was: First Data Unit Says It's Untangling Authentication
aadsm12.htm#53 TTPs & AADS Was: First Data Unit Says It's Untangling Authentication
aadsm12.htm#52 First Data Unit Says It's Untangling Authentication
aadsm12.htm#49 draft-ietf-pkix-warranty-extn-01.txt
aadsm12.htm#48 draft-ietf-pkix-warranty-extn-01.txt
aadsm12.htm#45 draft-ietf-pkix-warranty-extn-01.txt
aadsm12.htm#43 draft-ietf-pkix-warranty-extn-01.txt
aadsm12.htm#42 draft-ietf-pkix-warranty-extn-01.txt
aadsm12.htm#41 I-D ACTION:draft-ietf-pkix-sim-00.txt
aadsm12.htm#39 Identification = Payment Transaction?
aadsm12.htm#32 Employee Certificates - Security Issues
2002o.html#67 smartcard+fingerprint
2002o.html#57 Certificate Authority: Industry vs. Government
2002n.html#44 public-key cryptography impossible?
2002n.html#30 Help! Good protocol for national ID card?
2002n.html#13 Help! Good protocol for national ID card?
2002n.html#8 Tweaking old computers?
2002m.html#55 Beware, Intel to embed digital certificates in Banias
2002m.html#36 (OT) acceptance of technology, was: Convenient and secure
2002m.html#20 A new e-commerce security proposal
2002m.html#17 A new e-commerce security proposal
2002l.html#71 Faster seeks (was Re: Do any architectures use instruction
2002k.html#57 History of AOL
2002i.html#72 A Lesson In Security
aadsm12.htm#29 Employee Certificates - Security Issues
aadsm12.htm#28 Employee Certificates - Security Issues
aadsm12.htm#27 Employee Certificates - Security Issues
2002g.html#32 Secure Device Drivers
2002f.html#57 IBM competes with Sun w/new Chips
2002e.html#72 Digital certificate varification
2002e.html#56 PKI and Relying Parties
2002e.html#52 PKI and Relying Parties
2002e.html#49 PKI and Relying Parties
2002d.html#39 PKI Implementation
2002b.html#25 Question about root CA authorities
2001n.html#73 A PKI question and an answer
2001n.html#57 Certificate Authentication Issues in IE and Verisign
2001k.html#0 Are client certificates really secure?
2001i.html#16 Net banking, is it safe???
2001h.html#7 PKI/Digital signature doesn't work
2001h.html#3 PKI/Digital signature doesn't work
2001h.html#0 PKI/Digital signature doesn't work
2001g.html#68 PKI/Digital signature doesn't work
2001g.html#65 PKI/Digital signature doesn't work
2001g.html#64 PKI/Digital signature doesn't work
2001g.html#40 Self-Signed Certificate
2001g.html#21 Root certificates
2001f.html#79 FREE X.509 Certificates
2001f.html#77 FREE X.509 Certificates
2001e.html#46 Can I create my own SSL key?
2001e.html#35 Can I create my own SSL key?
2001d.html#20 What is PKI?
2001d.html#7 Invalid certificate on 'security' site.
2001c.html#79 Q: ANSI X9.68 certificate format standard
2001c.html#73 PKI and Non-repudiation practicalities
2001c.html#72 PKI and Non-repudiation practicalities
2001c.html#60 PKI and Non-repudiation practicalities
2001c.html#58 PKI and Non-repudiation practicalities
2001c.html#57 PKI and Non-repudiation practicalities
2001c.html#56 PKI and Non-repudiation practicalities
2000f.html#72 SET; was Re: Why trust root CAs ?
2000f.html#15 Why trust root CAs ?
2000e.html#41 Why trust root CAs ?
2000b.html#93 Question regarding authentication implementation
2000b.html#40 general questions on SSL certificates
2000.html#57 RealNames hacked. Firewall issues.
2000.html#41 "Trusted" CA - Oxymoron?
2000.html#40 "Trusted" CA - Oxymoron?
2000.html#36 "Trusted" CA - Oxymoron?
99.html#228 Attacks on a PKI
99.html#226 Attacks on a PKI
98.html#41 AADS, X9.59, & privacy
aepay10.htm#37 landscape & p-cards
aepay10.htm#35 some certification & authentication landscape summary from recent threads
aepay10.htm#31 some certification & authentication landscape summary from recent threads
aadsm12.htm#6 NEWS: 3D-Secure and Passport
aadsm11.htm#40 ALARMED ... Only Mostly Dead ... RIP PKI ... part II
aadsm11.htm#39 ALARMED ... Only Mostly Dead ... RIP PKI .. addenda
aadsm11.htm#25 Proxy PKI. Was: IBM alternative to PKI?
aadsm11.htm#21 IBM alternative to PKI?
aadsm11.htm#19 IBM alternative to PKI?
aadsm11.htm#18 IBM alternative to PKI?
aadsm11.htm#11 Meaning of Non-repudiation
aadsm11.htm#9 Meaning of Non-repudiation
aadsm11.htm#8 Meaning of Non-repudiation
aepay6.htm#userauth2 MS masters NC mind-set (authentication is the key)
aepay6.htm#dspki4 use of digital signatures and PKI (addenda)
aepay6.htm#dspki3 use of digital signatures and PKI (addenda)
aepay6.htm#dspki2 use of digital signatures and PKI
aepay6.htm#crlwork do CRL's actually work?
aepay6.htm#dsdebate Digital Signatures Spark Debate
aepay4.htm#comcert11 Merchant Comfort Certificates
aepay3.htm#x959discus X9.59 discussions at X9A & X9F
aepay3.htm#aadsrel2 AADS related information ... summary
aepay3.htm#aadsrel1 AADS related information
aepay3.htm#openclose open CADS and closed AADS
aepay3.htm#votec (my) long winded observations regarding X9.59 & XML, encryption and certificates
aepay2.htm#cadis disaster recovery cross-posting
aepay2.htm#fed Federal CP model and financial transactions
aadsm9.htm#cfppki9 CFP: PKI research workshop
aadsm9.htm#cfppki8 CFP: PKI research workshop
aadsm9.htm#cfppki5 CFP: PKI research workshop
aadsm9.htm#cfppki4 CFP: PKI research workshop
aadsm9.htm#cfppki CFP: PKI research workshop
aadsm9.htm#pkcs12d A PKI Question: PKCS11-> PKCS12
aadsm9.htm#carnivore Shades of FV's Nathaniel Borenstein: Carnivore's "Magic Lantern"
aadsm9.htm#softpki23 Software for PKI
aadsm8.htm#softpki19 DNSSEC (RE: Software for PKI)
aadsm8.htm#softpki11 Software for PKI
aadsm8.htm#softpki9 Software for PKI
aadsm8.htm#softpki8 Software for PKI
aadsm8.htm#softpki4 Software for PKI
aadsm7.htm#rhose11 when a fraud is a sale, Re: Rubber hose attack
aadsm7.htm#rhose10 when a fraud is a sale, Re: Rubber hose attack
aadsm7.htm#pcards4 The end of P-Cards?
aadsm6.htm#echeck Electronic Checks
aadsm5.htm#spki4 Simple PKI
aadsm5.htm#spki3 Simple PKI
aadsm5.htm#spki2 Simple PKI
aadsm5.htm#spki Simple PKI
aadsm5.htm#pkimort PKI: Evolve or Die
aadsm5.htm#liex509 Lie in X.BlaBla...
aadsm5.htm#shock2 revised Shocking Truth about Digital Signatures
aadsm5.htm#shock revised Shocking Truth about Digital Signatures
aadsm5.htm#x959 X9.59 Electronic Payment Standard
aadsm4.htm#9 Thin PKI won - You lost
aadsm4.htm#7 Public Key Infrastructure: An Artifact...
aadsm4.htm#6 Public Key Infrastructure: An Artifact...
aadsm4.htm#4 Public Key Infrastructure: An Artifact...
aadsm3.htm#kiss5 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss4KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#kiss1KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#cstech6 cardtech/securetech & CA PKI
aadsm2.htm#techno digital signatures, technology experiments, and service operations
aadsm2.htm#stall EU digital signature initiative stalled
aadsm2.htm#mauthauth Human Nature
aadsm2.htm#privacy Identification and Privacy are not Antinomies
aadsm2.htm#account A different architecture? (was Re: certificate path
aadsm2.htm#integrity Scale (and the SRV record)
aadsm2.htm#inetpki A PKI for the Internet (was RE: Scale (and the SRV
aadsm2.htm#scale Scale (and the SRV record)
aadsmore.htm#client4 Client-side revocation checking capability
aadsmore.htm#client3 Client-side revocation checking capability
aadsmore.htm#pressign President Clinton digital signing
aadsmore.htm#scanon Smartcard anonymity patents
aadsmore.htm#killer0 Killer PKI Applications
aadsmore.htm#vpki valid PKIs
aadsmore.htm#hcrl3 Huge CRLs
aadsmail.htm#perform AADS & X9.59 performance and algorithm key sizes

top, by subject: technology, networking, public key, integrity, Boyd - home


Kerberos and/or pk-init

2016d.html#100 Multithreaded output to stderr and stdout
2015f.html#14 Credit card fraud solution coming to America...finally
2015c.html#81 On a lighter note, even the Holograms are demonstrating
2014j.html#102 ? How programs in c language drew graphics directly to screen in old days without X or Framebuffer?
2014j.html#12 The SDS 92, its place in history?
2014g.html#37 Special characters for Passwords
2014f.html#83 Slashdot this day in history: Microsoft Asks Slashdot To Remove Readers' Posts
2012j.html#61 The Myth of Password Complexity & Frequent Change Rules
2012j.html#54 Yahoo Password Breach: 7 Lessons Learned - Security - Attacks/breaches - Informationweek
2012b.html#71 Password shortcomings
2012b.html#36 RFC6507 Ellipitc Curve-Based Certificateless Signatures
2011h.html#56 pdp8 to PC- have we lost our way?
2010l.html#63 A mighty fortress is our PKI, Part II
2010j.html#5 Problem Statement on the Cross-Realm Operation of Kerberos
2010i.html#31 IBM Unix prehistory, someone smarter than Dave Cutler
2010h.html#25 In SSL We Trust? Not Lately
2010f.html#3 Why is Kerberos ever used, rather than modern public key cryptography?
2009l.html#6 Cyber attackers empty business accounts in minutes
2009k.html#72 Client Certificate UI for Chrome?
2009k.html#11 A Complete History Of Mainframe Computing
2009k.html#8 A Complete History Of Mainframe Computing
2009k.html#7 A Complete History Of Mainframe Computing
2009g.html#62 Solving password problems one at a time, Re: The password-reset paradox
2009g.html#41 Storing MIT-Kerberos authentication data in an LDAP backend
2009g.html#39 How did the monitor work under TOPS?
2009f.html#66 How did the monitor work under TOPS?
2008p.html#23 Your views on the increase in phishing crimes such as the recent problem French president Sarkozy faces
2008l.html#31 Authentication in the e-tailer / payment gateway / customer triangle
2008k.html#40 Calling Out
2008j.html#45 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008i.html#46 Definition of file spec in commands
aadsm28.htm#31 Fixing SSL (was Re: Dutch Transport Card Broken)
aadsm28.htm#20 Fixing SSL (was Re: Dutch Transport Card Broken)
2008c.html#31 Kerberized authorization service
2008.html#54 Really stupid question about z/OS HTTP server
2008.html#53 Really stupid question about z/OS HTTP server
2007u.html#76 folklore indeed
2007u.html#51 folklore indeed
2007r.html#24 How to tell a fake SSL certificate from a real one
2007q.html#5 Windows Live vs Kerberos
2007q.html#2 Windows Live vs Kerberos
aadsm27.htm#23 Identity resurges as a debate topic
2007i.html#63 public key password authentication
2007f.html#60 Certificates
2007d.html#12 One Time Identification, a request for comments/testing
2007b.html#58 Authentication architecture on a Unix Network
2007.html#15 SSL info
2006v.html#49 Patent buster for a method that increases password security
2006v.html#29 User Authentication
2006v.html#10 What's a mainframe?
2006u.html#4 ssh - password control or key control?
2006t.html#8 Root CA CRLs
2006q.html#52 Smartcard reader with certificate inside the reader
2006n.html#53 Case Study: Thunderbird's brittle security as proof of Iang's 3rd Hypothesis in secure design: there is only one mode, and it's secure
aadsm24.htm#15 Apple to help Microsoft with "security neutrality"?
2006m.html#24 OT - J B Hunt
aadsm24.htm#8 Microsoft - will they bungle the security game?
aadsm23.htm#52 Status of opportunistic encryption
aadsm23.htm#48 Status of opportunistic encryption
2006i.html#25 Benefits of PKI - 5,000 nodes organization
2006i.html#13 Multi-layered PKI implementation
2006h.html#46 blast from the past, tcp/ip, project athena and kerberos
2006h.html#27 confidence in CA
2006b.html#37 X.509 and ssh
2005u.html#19 Identity and Access Management (IAM)
2005t.html#22 What ever happened to Tandem and NonStop OS ?
2005t.html#0 TTP and KCM
2005s.html#42 feasibility of certificate based login (PKI) w/o real smart card
2005s.html#24 What ever happened to Tandem and NonStop OS ?
2005q.html#29 IPSEC wireless router ?
2005q.html#23 Logon with Digital Siganture (PKI/OCES - or what else they're called)
2005q.html#13 IPSEC with non-domain Server
2005p.html#35 PKI
aadsm21.htm#4 Another entry in the internet security hall of shame
aadsm20.htm#38 Another entry in the internet security hall of shame
2005n.html#51 IPSEC and user vs machine authentication
2005n.html#43 X509 digital certificate for offline solution
aadsm20.htm#25 Cross logins
2005m.html#37 public key authentication
2005m.html#15 Course 2821; how this will help for CISSP exam ?
2005m.html#5 Globus/GSI versus Kerberos
aadsm19.htm#43 massive data theft at MasterCard processor
2005i.html#52 Single Password - Linux & Windows
2005i.html#23 The Worth of Verisign's Brand
2005i.html#3 General PKI Question
2005i.html#2 Certificate Services
2005g.html#49 "Best practices" or "Best implementations"?
2005g.html#48 "Best practices" or "Best implementations"?
2005g.html#2 Cross-Realm Authentication
2005d.html#18 Digital signature with Javascript
2004h.html#21 Basics of key authentication
aadsm17.htm#27 Re:Identity Firewall. l PKI International Consortium
aadsm16.htm#24 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
aadsm16.htm#19 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
2003n.html#35 ftp authentication via smartcard
2003n.html#16 log on windows xp with smartcard
aepay11.htm#70 Confusing Authentication and Identiification? (addenda)
2003j.html#25 Idea for secure login
2003h.html#55 PKINIT
aadsm14.htm#6 The case against directories
aadsm13.htm#38 The case against directories
aadsm13.htm#16 A challenge
2003b.html#65 Storing digital IDs on token for use with Outlook
2003b.html#49 Authentication w/o user ids and passwords
2003.html#50 Origin of Kerberos
2003.html#46 Horror stories: high system call overhead
2002q.html#17 Difference between AAA and Radius?
2002p.html#52 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#22 Cirtificate Authorities 'CAs', how curruptable are they to
2002o.html#42 use of RADIUS
2002o.html#40 I found the Olsen Quote
2002l.html#62 Itanium2 performance data from SGI
2002l.html#39 Moore law
2002l.html#4 why is Kerberos better than this simpler replacement
2002l.html#3 why is Kerberos better than this simpler replacement
2002j.html#60 How to map a user account to a digital cert?
2002j.html#40 Beginner question on Security
2002i.html#54 Unisys A11 worth keeping?
2001k.html#10 HP-UX will not be ported to Alpha (no surprise)exit
2001e.html#56 Need explaination of PKI and Kerberos
2001d.html#46 anyone have digital certificates sample code
aepay11.htm#1 Sun releases Liberty-enabled software
aadsm12.htm#66 Subpoena Sidelines PKI Project
aadsm12.htm#51 Frist Data Unit Says It's Untangling Authentication
aadsm12.htm#5 NEWS: 3D-Secure and Passport
aadsm12.htm#4 NEWS: 3D-Secure and Passport
aadsm11.htm#40 ALARMED ... Only Mostly Dead ... RIP PKI ... part II
aadsm11.htm#39 ALARMED ... Only Mostly Dead ... RIP PKI .. addenda
aepay10.htm#66 eBay Customers Targetted by Credit Card Scam
aepay10.htm#65 eBay Customers Targetted by Credit Card Scam
aepay10.htm#39 Microsoft Trustbridge ... Kerberos (tickets) support
aepay10.htm#33 pk-init draft (not yet a RFC)
aepay10.htm#32 some certification & authentication landscape summary from recent threads
aepay10.htm#31 some certification & authentication landscape summary from recent threads
aadsm3.htm#cstech2 cardtech/securetech & CA PKI
aadsm3.htm#cstech cardtech/securetech & CA PKI
aadsm2.htm#pkikrb PKI/KRB

top, by subject: technology, networking, public key, integrity, Boyd - home


certificate-less operation

2012j.html#62 The Myth of Password Complexity & Frequent Change Rules
2012j.html#61 The Myth of Password Complexity & Frequent Change Rules
2012j.html#54 Yahoo Password Breach: 7 Lessons Learned - Security - Attacks/breaches - Informationweek
2012d.html#31 Can SSL Certificate Checking System Be Saved?
2012d.html#26 Can SSL Certificate Checking System Be Saved?
2012b.html#71 Password shortcomings
2012b.html#48 Driver's licenses for the Internet
2012b.html#36 RFC6507 Ellipitc Curve-Based Certificateless Signatures
2012.html#65 Reject gmail
2012.html#63 Reject gmail
2011n.html#3 Banks Face Ongoing Cyber Threats
2011k.html#77 Somewhat off-topic: comp-arch.net cloned, possibly hacked
2011k.html#74 Somewhat off-topic: comp-arch.net cloned, possibly hacked
2011k.html#36 50th anniversary of BASIC, COBOL? (warning: unusually violentthread drift)
2011k.html#33 50th anniversary of BASIC, COBOL? (warning: unusually violentthread drift)
2010m.html#58 memes in infosec IV - turn off HTTP, a small step towards "only one mode"
2010l.html#81 A mighty fortress is our PKI
2010l.html#78 Five Theses on Security Protocols
2010l.html#72 A slight modification of my comments on PKI
2010l.html#63 A mighty fortress is our PKI, Part II
2010l.html#58 A mighty fortress is our PKI
2010h.html#25 In SSL We Trust? Not Lately
2010b.html#69 Happy DEC-10 Day
2009r.html#72 Why don't people use certificate-based access authentication?
2009r.html#32 SSL certificates and keys
2009o.html#66 Need for speedy cryptography
2009n.html#71 Sophisticated cybercrooks cracking bank security efforts
2009m.html#7 Need new 3270 emulator: SSH, inexpensive, reliable
2009m.html#5 Need new 3270 emulator: SSH, inexpensive, reliable
2009l.html#6 Cyber attackers empty business accounts in minutes
2009k.html#33 Trouble in PKI land
2009g.html#62 Solving password problems one at a time, Re: The password-reset paradox
2009g.html#48 Inventor: SSL security woes are really the fault of browser design
2009.html#35 Perfect MITM Attacks With No-Check SSL Certs
2008n.html#34 Builders v. Breakers
2008l.html#32 Authentication in the e-tailer / payment gateway / customer triangle
2008l.html#31 Authentication in the e-tailer / payment gateway / customer triangle
2008k.html#54 The PKC-only application security model
2008k.html#51 The PKC-only application security model
2008k.html#49 The PKC-only application security model
2008k.html#48 The PKC-only application security model
2008i.html#93 Certificate Purpose
2008i.html#91 Certificate Purpose
aadsm28.htm#31 Fixing SSL (was Re: Dutch Transport Card Broken)
aadsm28.htm#30 Fixing SSL (was Re: Dutch Transport Card Broken)
aadsm28.htm#24 Fixing SSL (was Re: Dutch Transport Card Broken)
aadsm28.htm#20 Fixing SSL (was Re: Dutch Transport Card Broken)
2008.html#8 folklore indeed
2008.html#7 folklore indeed
2007s.html#3 OpenPGP becomes RFC4880. Consider Hypothesis #1: The One True Cipher Suite
20074.html#49 How to tell a fake SSL certificate from a real one
2007r.html#24 How to tell a fake SSL certificate from a real one
2007q.html#30 what does xp do when system is copying
aadsm27.htm#52 more on firing your MBA-less CSO
aadsm27.htm#51 Know Your Enemy: Scott McNeally on security theater
aadsm27.htm#30 A secure Internet requires a secure network protocol
2007m.html#41 X.509 weakness?
aadsm27.htm#24 Why self describing data formats:
aadsm27.htm#23 Identity resurges as a debate topic
2007l.html#41 My Dream PC -- Chip-Based
2007l.html#0 John W. Backus, 82, Fortran developer, dies
2007i.html#63 public key password authentication
2007h.thml#31 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#26 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#22 sizeof() was': The Perfect Computer - 36 bits?
2007h.html#20 sizeof() was: The Perfect Computer - 36 bits?
2007f.html#60 Certificates
2007f.html#31 Is that secure : <form action="https" from a local HTML page ?
aadsm26.htm#41 PKI: The terrorists' secret weapon (part II)
aadsm26.htm#40 PKI: The terrorists' secret weapon
2007d.html#49 certificate distribution
aadsm26.htm#34 Failure of PKI in messaging
aadsm26.htm#33 Failure of PKI in messaging ... addenda
aadsm26.htm#31 man in the middle, SSL ... addenda 2
aadsm26.htm#29 News.com: IBM donates new privacy tool to open-source Higgins
aadsm26.htm#27 man in the middle, SSL ... addenda
2007d.html#12 One Time Identification, a request for comments/testing
2007b.html#61 Securing financial transactions a high priority for 2007
2007.html#34 SSL info
2007.html#15 SSL info
2007.html#7 SSL info
2006y.html#13 Your data private? Access all areas is on the cards
2006x.html#36 SSL security with server certificate compromised
2006w.html#18 more secure communication over the network
2006w.html#12 more secure communication over the network
2006v.html#49 Patent buster for a method that increases password security
2006v.html#29 User Authentication
2006u.html#4 ssh - password control or key control?
aadsm25.htm#46 Flaw exploited in RFID-enabled passports
2006t.html#8 Root CA CRLs
aadsm25.htm#35 signing all outbound email
aadsm25.htm#32 On-card displays
2006q.html#59 TCPA compatible smarcard readers?
2006q.html#52 Smartcard reader with certificate inside the reader
2006q.html#47 Smartcard reader with certificate inside the reader
aadsm25.htm#27 A note on vendor reaction speed to the e=3 problem
2006p.html#7 SSL, Apache 2 and RSA key sizes
aadsm25.htm#1 Crypto to defend chip IP: snake oil or good idea?
2006n.html#53 Case Study: Thunderbird's brittle security as proof of Iang's 3rd Hypothesis in secure design: there is only one mode, and it's secure
aadsm24.htm#52 Crypto to defend chip IP: snake oil or good idea?
aadsm24.htm#44 Case Study: Thunderbird's brittle security as proof of Iang's 3rd Hypothesis in secure design: there is only one mode, and it's secure
aadsm24.htm#31 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#24 It's official! SSH whips HTTPS butt! (in small minor test of no import....)
aadsm24.htm#5 New ISO standard aims to ensure the security of financial transactions on the Internet
aadsm23.htm#51 Status of opportunistic encryption
aadsm23.htm#48 Status of opportunistic encryption
2006k.html#19 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006i.html#25 Benefits of PKI - 5,000 nodes organization
aadsm23.htm#29 JIBC April 2006 - "Security Revisionism"
aadsm23.htm#15 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
2006h.html#29 confidence in CA
2006h.html#28 confidence in CA
2006h.html#27 confidence in CA
2006f.html#39 X.509 and ssh
2006e.html#8 Beginner's Pubkey Crypto Question
aadsm22.htm#4 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#3 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#1 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#0 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm21.htm#34 X.509 / PKI, PGP, and IBE Secure Email Technologies
2005u.html#2 PGP Lame question
aadsm21.htm#22 Broken SSL domain name trust model
2005t.html#34 RSA SecurID product
2005t.html#32 RSA SecurID product
2005t.html#22 What ever happened to Tandem and NonStop OS ?
2005t.html#6 phishing web sites using self-signed certs
2005t.html#0 TTP and KCM
2005s.html#52 TTP and KCM
2005s.html#49 phishing web sites using self-signed certs
2005s.html#43 P2P Authentication
2005s.html#42 feasibility of certificate based login (PKI) w/o real smart card
2005s.html#24 What ever happened to Tandem and NonStop OS ?
2005q.html#17 continuity of identity
2005q.html#29 IPSEC wireless router ?
2005q.html#23 Logon with Digital Siganture (PKI/OCES - or what else they're called)
2005q.html#13 IPSEC with non-domain Server
2005p.html#36 PKI
2005p.html#35 PKI
aadsm21.htm#8 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)
aadsm21.htm#7 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)
2005p.html#32 PKI Certificate question
aadsm21.htm#4 Another entry in the internet security hall of shame
aadsm20.htm#43 Another entry in the internet security hall of shame
aadsm20.htm#40 Another entry in the internet security hall of shame
aadsm20.htm#38 Another entry in the internet security hall of shame
2005o.html#42 Catch22. If you cannot legally be forced to sign a document etc - Tax Declaration etc etc etc
2005o.html#41 Certificate Authority of a secured P2P network
2005o.html#40 Certificate Authority of a secured P2P network
aadsm20.htm#37 Another entry in the internet security hall of shame
aadsm20.htm#36 Another entry in the internet security hall of shame
2005o.html#31 Is symmetric key distribution equivalent to symmetric key generation?
2005o.html#17 Smart Cards?
2005o.html#9 Need a HOW TO create a client certificate for partner access
aadsm20.htm#32 How many wrongs do you need to make a right?
2005o.html#2 X509 digital certificate for offline solution
2005n.html#51 IPSEC and user vs machine authentication
2005n.html#49 X509 digital certificate for offline solution
aadsm20.htm#31 The summer of PKI love
aadsm20.htm#21 Qualified Certificate Request
2005m.html#37 public key authentication
2005m.html#18 S/MIME Certificates from External CA
2005m.html#15 Course 2821; how this will help for CISSP exam ?
2005m.html#11 Question about authentication protocols
2005.html#5 Globus/GSI versus Kerberos
2005m.html#0 simple question about certificate chains
2005l.html#22 The Worth of Verisign's Brand
2005l.html#21 The Worth of Verisign's Brand
aadsm19.htm#43 massive data theft at MasterCard processor
aadsm19.htm#42 massive data theft at MasterCard processor
2005l.html#7 Signing and bundling data using certificates
2005k.html#60 The Worth of Verisign's Brand
aadsm19.htm#32 Using Corporate Logos to Beat ID Theft
2005j.html#18 Repository for digital certificates
2005j.html#0 private key encryption - doubts
aadsm19.htm#24 Citibank discloses private information to improve security
aadsm19.htm#18 Citibank discloses private information to improve security
aadsm19.htm#17 What happened with the session fixation bug?
2005i.html#50 XOR passphrase with a constant
2005i.html#38 More Phishing scams, still no SSL being used
2005i.html#36 Improving Authentication on the Internet
2005i.html#33 Improving Authentication on the Internet
2005i.html#24 The Worth of Verisign's Brand
2005i.html#23 The Worth of Verisign's Brand
2005i.html#9 More Phishing scams, still no SSL being used
2005i.html#8 More Phishing scams, still no SSL being used
2005i.html#7 Improving Authentication on the Internet
aadsm19.htm#13 What happened with the session fixation bug?
2005i.html#4 Authentication - Server Challenge
2005i.html#3 General PKI Question
2005i.html#2 Certificate Services
2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom
2005i.html#0 More Phishing scams, still no SSL being used
aadsm19.htm#11 EuroPKI 2005 - Call for Participation
2005h.html#39 Attacks on IPsec
2005h.html#36 Security via hardware?
2005h.html#27 How do you get the chain of certificates & public keys securely
2005h.html#25 couple more Q's on basic public key encryption techniques
2005h.html#20 Key pair & Certificate lifetimes
2005h.html#8 keysigning: identity checks
2005g.html#48 "Best practices" or "Best implementations"?
2005g.html#45 Maximum RAM and ROM for smartcards
2005g.html#39 Key pair & Certificate lifetimes
2005g.html#29 Certificate Management Tools
2005g.html#13 What is a Certificate?
2005g.html#9 What is a Certificate?
aadsm19.htm#10 PKI News
aadsm19.htm#9 PKI News
2005g.html#3 What is a Certificate?
2005g.html#1 What is a Certificate?
2005g.html#0 What is a Certificate?
aadsm19.htm#0two-factor authentication problems
aadsm18.htm#56two-factor authentication problems
aadsm18.htm#55 MD5 collision in X509 certificates
2005d.html#18 Digital signature with Javascript
2005d.html#17 Digital signature with Javascript
2005.html#35 Do I need a certificat?
2005.html#31 Do I need a certificat?
2005.html#25 Smart cards and use the private key
2004q.html#0 Single User: Password or Certificate
2004p.html#60 Single User: Password or Certificate
aadsm18.htm#43 SSL/TLS passive sniffing
2004m.html#4 REVIEW: "Biometrics for Network Security", Paul Reid
2004j.html#9 Smart card Authentication
2004j.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#5 Authenticated Public Key Exchange without Digital Certificates?
2004j.html#3 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#2 Authenticated Public Key Exchange without Digital Certificates?
2004j.html#1 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#0 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#27 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#25 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#24 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#23 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#22 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#21 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#20 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#19 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#18 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#17 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#16 New Method for Authenticated Public Key Exchange without Digital Ceritificates
2004i.html#15 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#14 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#13 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#12 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#11 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#10 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#9 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#7 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#4 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#2 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#59 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#58 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#57 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#56 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#55 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#54 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#53 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#52 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#51 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#50 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#48 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#14Two-factor Authentication Options?
2004h.html#13Two-factor Authentication Options?
2004g.html#53 Chained I/O's
2004e.html#20 Soft signatures
2003n.html#30 Is this right? Question about SSL and PKI
2003n.html#16 log on windows xp with smartcard
2003m.html#52 public key vs passwd authentication?
2003m.html#50 public key vs passwd authentication?
2003m.html#49 public key vs passwd authentication?
2003l.html#36 Proposal for a new PKI model (At least I hope it's new)
2003l.html#33 RSA vs AES
2003i.html#35 electronic-ID and key-generation
2003i.html#29 electronic-ID and key-generation
2003h.html#13 Authentication protocol
2003e.html#57 Security in RADIUS (RFC2865)
2003b.html#30 Public key encryption
2003.html#50 Origin of Kerberos
2002p.html#50 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#22 Cirtificate Authorities 'CAs', how curruptable are they to
2002p.html#11 Cirtificate Authorities 'CAs', how curruptable are they to
2002e.html#56 PKI and Relying Parties
2001j.html#49 Are client certificates really secure?
2001i.html#25 Net banking, is it safe???
2001i.html#16 Net banking, is it safe???
2001i.html#9 Net banking, is it safe???
2001h.html#53 Net banking, is it safe???
2001h.html#37 Credit Card # encryption
2001h.html#36 PKI/Digital signature doesn't work
2001g.html#64 PKI/Digital signature doesn't work
2001c.html#8 Server authentication
98.html#41 AADS, X9.59, & privacy
aepay11.htm#73 Account Numbers. Was: Confusing Authentication and Identiification? (addenda)
aepay11.htm#69 Confusing Authentication and Identiification?
aepay11.htm#37 Who's afraid of Mallory Wolf?
aepay10.htm#82 SSL certs & baby steps (addenda)
aepay10.htm#78 ssl certs
aepay10.htm#65 eBay Customers Targetted by Credit Card Scam
aepay10.htm#34 some certification & authentication landscape summary from recent threads
aadsm17.htm#55 Using crypto against Phishing, Spoofing and Spamming
aadsm17.htm#34 The future of security
aadsm15.htm#28 SSL, client certs, and MITM (was WYTM?)
aadsm15.htm#27 SSL, client certs, and MITM (was WYTM?)
aadsm15.htm#0 invoicing with PKI
aadsm14.htm#45 Keyservers and Spam
aadsm14.htm#35 The real problem that https has conspicuously failed to fix
aadsm14.htm#14 Who's afraid of Mallory Wolf?
aadsm13.htm#20 surrogate/agent addenda (long)
aadsm13.htm#16 A challenge
aadsm12.htm#51 Frist Data Unit Says It's Untangling Authentication
aadsm9.htm#cfppki6 CFP: PKI research workshop
aadsm9.htm#cfppki5 CFP: PKI research workshop
aadsm9.htm#cfppki2 CFP: PKI research workshop
aadsm9.htm#cfppki CFP: PKI research workshop
aadsm9.htm#carnivore Shades of FV's Nathaniel Borenstein: Carnivore's "Magic Lantern"
aadsm7.htm#pcards4 FW: The end of P-Cards?
aadsm6.htm#terror7 [FYI] Did Encryption Empower These Terrorists?
aadsm6.htm#aadsatm (certificate-less) digital signatures can secure ATM card payments on the internet
aadsm5.htm#spki2 Simple PKI
aadsm5.htm#spki Simple PKI
aadsm3.htm#kiss2 Common misconceptions, was Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp-00.txt))
aadsm3.htm#kiss1KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm3.htm#cstech3 cardtech/securetech & CA PKI
aadsmore.htm#hcrl1 Huge CRLs


also account authority digital signature: AADS/ABDS

top, by subject: technology, networking, public key, integrity, Boyd - home


Coining the term certificate manufacturing to differentiate from PKI

2010l.html#79 Five Theses on Security Protocols
2010l.html#62 A mighty fortress is our PKI
2010l.html#58 A mighty fortress is our PKI
2010l.html#57 A mighty fortress is our PKI
2007h.html#20 sizeof() was: The Perfect Computer - 36 bits?
2007.html#17 SSL info
aadsm23.htm#29 JIBC April 2006 - "Security Revisionism"
2005s.html#24 What ever happened to Tandem and NonStop OS ?
aadsm20.htm#44 Another entry in the internet security hall of shame
aadsm20.htm#43 Another entry in the internet security hall of shame
2005o.html#41 Certificate Authority of a secured P2P network
aadsm20.htm#32 How many wrongs do you need to make a right?
aadsm20.htm#31 The summer of PKI love
aadsm20.htm#26 [Clips] Does Phil Zimmermann need a clue on VoIP?
aadsm20.htm#15 the limits of crypto and authentication
aadsm20.htm#11 the limits of crypto and authentication
aadsm19.htm#13 What happened with the session fixation bug?
2005l.html#32 More Phishing scams, still no SSL being used
2005l.html#2 The Worth of Verisign's Brand
2005l.html#1 The Worth of Verisign's Brand
2004m.html#12 How can I act as a Certificate Authority (CA) with openssl ??
2003l.html#46 Proposal for a new PKI model (At least I hope it's new)
2003l.html#45 Proposal for a new PKI model (At least I hope it's new)
2003l.html#36 Proposal for a new PKI model (At least I hope it's new)
2003.html#41 InfiniBand Group Sharply, Evenly Divided
2001j.html#8 PKI (Public Key Infrastructure)
2001h.html#0 PKI/Digital signature doesn't work
2001g.html#2 Root certificates
2001d.html#20 What is PKI?
2001d.html#16 Verisign and Microsoft - oops
aadsm15.htm#0 invoicing with PKI
aadsm14.htm#19 Payments as an answer to spam (addenda)
aadsm13.htm#37 How effective is open source crypto?
aadsm13.htm#35 How effective is open source crypto? (bad form)
aadsm11.htm#39 ALARMED ... Only Mostly Dead ... RIP PKI .. addenda
aadsm11.htm#34 ALARMED ... Only Mostly Dead ... RIP PKI
aepay10.htm#82 SSL certs & baby steps (addenda)
aepay10.htm#81 SSL certs & baby steps
aadsm9.htm#cfppki5 CFP: PKI research workshop
aadsm8.htm#softpki20 DNSSEC (RE: Software for PKI)
aadsm8.htm#softpki14 DNSSEC (RE: Software for PKI)
aadsm8.htm#softpki10 Software for PKI
aadsm8.htm#softpki6 Software for PKI
aadsm5.htm#faith faith-based security and kinds of trust
aadsm5.htm#pkimort2 problem with the death of X.509 PKI
aadsm3.htm#kiss7KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))
aadsm2.htm#scale Scale (and the SRV record)
aepay3.htm#votec (my) long winded observations regarding X9.59 & XML, encryption and certificates
aepay2.htm#cadis disaster recovery cross-posting
aepay2.htm#fed Federal CP model and financial transactions

top, by subject: technology, networking, public key, integrity, Boyd - home


Electronic Signature legislation, human signature, intent

2016g.html#77 Your Guide for Data Breach Crisis Communication
2016g.html#33 OODA-loop and virtual machines
2016f.html#107 How to Win the Cyberwar Against Russia
2016f.html#95 Chain of Title: How Three Ordinary Americans Uncovered Wall Street's Great Foreclosure Fraud
2016f.html#89 Why the cloud is bad news for Cisco, Dell, and HP
2016f.htmL#75 IBM Buying Promontory Clinches It: Regtech Is Real
2016f.html#70 Security Design: Stop Trying to Fix the User
2016e.html#81 Why you need a strong authentication platform
2016e.html#79 And the Award for Best Financial Crisis Book
2016d.html#17 Cybercrime
2016c.html#67 We Must Stop The Race to Attribution After Each Cyberattack
2016c.html#54 Why you might not be warned of an online security breach
2016b.html#38 Ransomware
2015h.html#95 book "1984"--modern privacy
2015g.html#92 Leaked Seattle Audit Concludes Many Mortgage Documents Are Void
2015g.html#64 Intel: Criminals getting better at data exfiltration
2015f.html#14 Credit card fraud solution coming to America...finally
2015e.html#41 Poor People Caused The Financial Crisis
2015e.html#30 The real story of how the Internet became so vulnerable
2015d.html#4 "Trust in digital certificate ecosystem eroding"
2015c.html#99 Cyber Threat Sharing is Great in Theory, But Tough in Practice
2014m.html#92 The 10 Biggest Bank Card Hacks
2014l.html#55 LA Times commentary: roll out "smart" credit cards to deter fraud
2014f.html#94 Privacy vs. freedom of the press--Google court ruling
2014f.html#58 Consumers Ditch Their Breached Retailers, Banks and Doctors
2014e.html#47 TCP/IP Might Have Been Secure From the Start If Not For the NSA
2014e.html#6 Credit Card Breach at California DMV Provides Yet Another Warning of Cyber Insecurities
2014d.html#102 How the IETF plans to protect the web from NSA snooping
2014d.html#40 Missed Alarms and 40 Million Stolen Credit Card Numbers: How Target Blew It
2014d.html#13 Royal Pardon For Turing
2014d.html#9 NSA chief criticises media and suggests UK was right to detain David Miranda
2014d.html#3 Let's Face It--It's the Cyber Era and We're Cyber Dumb
2014d.html#1 RSA 2014: Target Breach Has Bigger Impact on Data Security than Snowden, says Vormetric
2013o.html#79 Would Target cybersecurity breach occur with a digital ID system?
2013o.html#67 What Chase And Other Banks Won't Tell You About Selling Your Data
2013o.html#66 Target breach likely involved inside knowledge, experts say
2013o.html#59 Target breach likely involved inside knowledge, experts say
2013n.html#12 How the IETF plans to protect the web from NSA snooping
2013m.html#14 Gilmore response to NSA mathematician's "make rules for NSA" appeal
2013d.html#68 What Makes an Architecture Bizarre?
2013.html#39 ICSF Symmetric Key being sent to a non-zOS system
2012m.html#55 General Mills computer
2012j.html#61 The Myth of Password Complexity & Frequent Change Rules
2012i.html#80 Firms told to own up to cybercrime attacks
2012i.html#73 Operating System, what is it?
2012i.html#35 US Senate proposes national data breach notification act
2012i.html#30 US Senate proposes national data breach notification act
2012e.html#17 Data theft: Hacktivists 'steal more than criminals'
2012d.html#49 Do you know where all your sensitive data is located?
2012d.html#31 Can SSL Certificate Checking System Be Saved?
2012c.html#6 The 15 Worst Data Security Breaches of the 21st Century
2012c.html#3 zSeries Manpower Sizing
2012b.html#48 Driver's licenses for the Internet
2012b.html#36 RFC6507 Ellipitc Curve-Based Certificateless Signatures
2012.html#65 Reject gmail
2012.html#35 Israel vows to hit back after credit cards hacked
2011p.html#132 Yes Virginia, Electronic Signatures Are Legal
2011p.html#131 The Times E-Mails Millions by Mistake to Say Subscriptions Were Canceled
2011l.html#47 Does outsourcing cause data loss?
2011i.html#45 Happy 100th Birthday, IBM!
2011h.html#56 pdp8 to PC- have we lost our way?
2011h.html#55 CISO's Guide to Breach Notification
2011f.html#55 Are Americans serious about dealing with money laundering and the drug cartels?
2011f.html#14 How is SSL hopelessly broken? Let us count the ways
2011b.html#60 A Two Way Non-repudiation Contract Exchange Scheme
2010o.html#76 E-commerce smackdown as PCI standards revised
2010o.html#9 On Scope Scrinkage in PCI DSS
2010n.html#52 Who are these people who think cybersecurity experts are crying wolf?
2010n.html#49 ZeuS attacks mobiles in bnak SMS bypass scam
2010n.html#44 Who are these people who think cybersecurity experts are crying wolf?
2010n.html#22 Data breaches remain high
2010m.html#56 About that "Mighty Fortress"... What's it look like?
2010m.html#2 Five Theses on Security Protocols
2010l.html#58 A mighty fortress is our PKI
2010l.html#28 Mainframe Hacking -- Fact or Fiction
2010l.html#26 Root Zone DNSSEC Deployment Technical Status Update
2010j.html#18 Personal use z/OS machines was Re: Multiprise 3k for personal Use?
2010i.html#83 The Evolution of the Extended Enterprise: Security Stategies for Forward Thinking Organizations
2010h.html#82 Costs Of Data Breaches Much Higher In U.S. Than In Other Countries, Study Says
2010b.html#82 Oldest Instruction Set still in daily use?
2010b.html#69 Happy DEC-10 Day
2009q.html#58 Cyber breaches are a closely kept secret
2009o.html#50 WSJ.com The Fallacy of Identity Theft
2009n.html#71 Sophisticated cybercrooks cracking bank security efforts
2009n.html#1 IT Story New Standard For EU-Compliant Electronic Signatures
2009l.html#5 Internal fraud isn't new, but it's news
2009k.html#77 Cyber attackers empty business accounts in minutes
2009j.html#55 Replace the current antiquated credit card system
2009g.html#50 Has any public CA ever had their certificate revoked?
2009d.html#38 Internet threat: Hackers swarm bank accounts
2009d.html#27 Californa's Data Breach Law May Get an Update
2009b.html#16 It's Me, and Here's My Proof: Why Identity and Authentication Must Remain Distinct
2009.html#29 Data losses set to soar
2008r.html#2 Payment Card + Digital Signature
2008q.html#3 GPG
2008p.html#79 PIN entry on digital signatures + extra token
2008p.html#7 Dealing with the neew MA ID protection law
2008o.html#16 Is Information Security driven by compliance??
2008m.html#73 Blinkylights
2008l.html#49 Quality of IBM school clock systems?
2008j.html#39 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008i.html#92 Certificate Purpose
2008i.html#89 Technologists on signatures: looking in the wrong place
aadsm28.htm#50 Liability for breaches: do we need new laws?
2008f.html#39 Can electronic signature bring us non-repudiation and authenticity?
aadsm28.htm#38 The Trouble with Threat Modelling
2008e.html#62 Any benefit to programming a RISC processor by hand?
aadsm28.htm#34 on Revocation of Signing Certs and Public Key Signing itself
aadsm28.htm#33 on Revocation of Signing Certs and Public Key Signing itself
2007v.html#44 Education ranking
2007u.html#15 Public Computers
2007t.html#6 Translation of IBM Basic Assembler to C?
2007s.html#56 Translation of IBM Basic Assembler to C?
2007s.html#55 Translation of IBM Basic Assembler to C?
2007r.html#61 The new urgency to fix online privacy
2007l.html#6 John W. Backus, 82, Fortran developer, dies
2007l.html#3 John W. Backus, 82, Fortran developer, dies
2007l.html#2 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#4 Public key encrypt-then-sign or sign-then-encrypt?
aadsm26.htm#69 survey of RFC S/MIME signature handling
aadsm26.htm#67 survey of RFC S/MIME signature handling
2007i.html#74 public key password authentication
aadsm26.htm#63 Public key encrypt-then-sign or sign-then-encrypt?
2007h.html#28 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#27 sizeof() was: The Perfect Computer - 36 bits?
aadsm26.htm#49 Governance of anonymous financial services
2007g.html#40 Electronic signature outside Europe
2007f.html#72 Securing financial transactions a high priority for 2007
aadsm26.htm#32 Failure of PKI in messaging
aadms26.htm#19 Non-repudiation, Evidence and TLS: another fine mess I've got you into :-(
2006t.html#40 Encryption and authentication
2006s.html#34 Basic Question
aadsm25.htm#30 On-card displays
aadsm25.htm#21 Identity v. anonymity -- that is not the question
aadsm23.htm#14 Shifting the Burden - legal tactics from the contracts world
aadsm23.htm#13 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#12 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm23.htm#11 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm22.htm#48 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm22.htm#47 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm22.htm#46 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm22.htm#45 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
2006f.html#29 X.509 and ssh
2006e.html#4 When *not* to sign an e-mail message?
2006e.html#3 When *not* to sign an e-mail message?
2006d.html#34 When *not* to sign an e-mail message?
2006d.html#32 When *not* to sign an e-mail message?
2006d.html#25 Caller ID "spoofing"
aadsm22.htm#7 long-term GPG signing key
aadsm22.htm#6 long-term GPG signing key
aadsm22.htm#5 long-term GPG signing key
2005v.html#3 ABN Tape - Found
aadsm21.htm#41 X.509 / PKI, PGP, and IBE Secure Email Technologies
2005u.html#0 PGP Lame question
2005t.html#52 PGP Lame question
aadsm21.htm#21 Some thoughts on high-assurance certificates
2005s.html#27 whats the difference between Encryption and Encoding ? or both are same ?
2005r.html#10 NEW USA FFIES Guidance
2005r.html#54 NEW USA FFIES Guidance
aadsm21.htm#13 Contactless payments and the security challenges
2005q.html#23 Logon with Digital Siganture (PKI/OCES - or what else they're called)
2005q.html#4 winscape?
2005o.html#42 Catch22. If you cannot legally be forced to sign a document etc - Tax Declaration etc etc etc
2005m.html#6 Creating certs for others (without their private keys)
2005m.html#1 Creating certs for others (without their private keys)
2005l.html#36 More Phishing scams, still no SSL being used
2005g.html#46 Maximum RAM and ROM for smartcards
2005e.html#31 Public/Private key pair protection on Windows
2005b.html#56 [Lit.] Buffer overruns
2005.html#14 Using smart cards for signing and authorization in applets
2004j.html#51 Looking for pointers to get started with e-signature
2004j.html#1 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#27 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#24 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#21 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#17 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#58 New Method for Authenticated Public Key Exchange without Digital Certificates
2004e.html#20 Soft signatures
2003h.html#38 entity authentication with non-repudiation
2003h.html#29 application of unique signature
2002l.html#24 Two questions on HMACs and hashing
2002h.html#13 Biometric authentication for intranet websites?
2002g.html#69 Digital signature
2001j.html#7 No Trusted Viewer possible?
2001h.html#51 future of e-commerce
2002p.html#57 Cirtificate Authorities 'CAs', how curruptable are they
2001g.html#62 PKI/Digital signature doesn't work
2001g.html#25 Root certificates
2000g.html#34 does CA need the proof of acceptance of key binding ?
2000f.html#64 Cryptogram Newsletter is off the wall?
aadsm21.htm#5 Is there any future for smartcards?
aadsm20.htm#8 UK EU presidency aims for Europe-wide biometric ID card
aadsm20.htm#0 the limits of crypto and authentication
aadsm19.htm#41 massive data theft at MasterCard processor
aadsm19.htm#33 Digital signatures have a big problem with meaning
aadsm19.htm#28 "SSL stops credit card sniffing" is a correlation/causality myth
aadsm19.htm#24 Citibank discloses private information to improve security
aadsm19.htm#2 Do You Need a Digital ID?
aadsm18.htm#56two-factor authentication problems
aadsm18.htm#2 dual-use digital signature vulnerability
aadsm18.htm#1 dual-use digital signature vulnerability
aadsm18.htm#0 dual-use digital signature vulnerability
aadsm17.htm#59 dual-use digital signature vulnerability
aadsm15.htm#36 VS: On-line signature standards
aadsm15.htm#34 VS: On-line signature standards (slight addenda)
aadsm15.htm#32 VS: On-line signature standards
aadsm13.htm#12 Antwort: Re: Real-time Certificate Status Facility for OCSP - (RTCS)
aadsm12.htm#38 Legal entities who sign
aadsm11.htm#23 Proxy PKI. Was: IBM alternative to PKI?
aadsm11.htm#7 Meaning of Non-repudiation
aadsm11.htm#6 Meaning of Non-repudiation
aadsm11.htm#5 Meaning of Non-repudiation
aepay11.htm#55 FINREAD ... and as an aside
aepay11.htm#53 Authentication white paper
aadsm6.htm#nonreput Sender and receiver non-repudiation

top, by subject: technology, networking, public key, integrity, Boyd - home


Discussion of real-time public key distribution using DNS

2015d.html#11 "Trust in digital certificate ecosystem eroding"
2014m.html#85 Economic Failures of HTTPS Encryption
2014g.html#13 Is it time for a revolution to replace TLS?
2014g.html#7 [Cryptography] Is it time for a revolution to replace TLS?
2014e.html#47 TCP/IP Might Have Been Secure From the Start If Not For the NSA
2014e.html#7 Last Gasp for Hard Disk Drives
2013i.html#46 OT: "Highway Patrol" back on TV
2013f.html#70 How internet can evolve
2013.html#39 ICSF Symmetric Key being sent to a non-zOS system
2012c.html#7 The Convergence of PKI
2012.html#103 Google works on Internet standards with TCP proposals, SPDY standardization
2012.html#98 Google works on Internet standards with TCP proposals, SPDY standardization
2012.html#97 Is SSL Cert Holder ID Verification A Joke?
2011o.html#88 EFF proposes new method to strengthen Public Key Infrastructure
2011n.html#6 Founders of SSL Call Game Over?
2011k.html#63 Somewhat off-topic: comp-arch.net cloned, possibly hacked
2010q.html#71 Domain Name of Russia's Largest Online Payment Processor Hijacked
2010n.html#37 Do we really need to care about DNS Security?
2010n.html#2 UAE Man-in-the-Middle Attack Against SSL
2010n.html#0 UAE Man-in-the-Middle Attack Against SSL
2010m.html#60 towards https everywhere and strict transport security
2010l.html#78 Five Theses on Security Protocols
2010l.html#62 A mighty fortress is our PKI
2010g.html#10 Gov't coerced Certs thwart SSL/TLS
2010f.html#80 Law Enforcement Appliance Subverts SSL
2010b.html#69 Happy DEC-10 Day
2010b.html#62 Happy DEC-10 Day
2009r.html#1 Small Server Mob Advantage
2009p.html#88 Kaminsky Bug Options Include "Do Nothing," Says IETF
2009o.html#78 DNSSEC + Certs As a Replacement For SSL's Transport Security
2009o.html#3 Sophisticated cybercrooks cracking bank security efforts
2009m.html#41 PCI Council Releases Recommendations For Preventing Card-Skimming Attacks
2009k.html#72 Client Certificate UI for Chrome?
2009k.html#23 Security certificate warnings don't work, researchers say
2009k.html#21 Security certificate warnings don't work, researchers say
2009j.html#20 Kaminsky interview: DNSSEC addresses cross-organizational trust and security
2009g.html#48 Inventor: SSL security woes are really the fault of browser design
2009c.html#58 Has anyone seen a lift from using an Extended Validation SSL Certificate?
2009b.html#33 Phish-Pharming: Using social engineering to hijack domains at the source
2009.html#75 Delays in DNS security baffling: Mockapetris
2009.html#35 Perfect MITM Attacks With No-Check SSL Certs
2009.html#24 A New Web of Trust
2008s.html#76 Boffins bust web authentication with game consoles
2008s.html#72 CA issues no-questions asked Mozilla cert
2008s.html#58 DNS flaw is 2008's biggest web blunder
2008s.html#50 Perfect MITM Attacks With No-Check SSL
2008r.html#52 Cheap Hack - Domain Name Market - Stolen Domains for Sale
2008r.html#42 Online Bill Payment Website Hijacked - Users were redirected to a page serving malware
2008l.html#34 Authentication in the e-tailer / payment gateway / customer triangle
2008k.html#49 The PKC-only application security model
2008j.html#87 CLIs and GUIs
2008i.html#78 Hypothesis #4 -- The First Requirement of Security is Usability
2008h.html#72 SSL certificates - from a customer's point of view (trust)
aadsm28.htm#21 Dutch Transport Card Broken
2007u.html#45 Folklore references to CP67 at Lincoln Labs
2007r.html#24 How to tell a fake SSL certificate from a real one
2007q.html#30 what does xp do when system is copying
2007p.html#60 what does xp do when system is copying
aadsm27.htm#30 A secure Internet requires a secure network protocol
2007m.html#41 X.509 weakness?
aadsm27.htm#22 A crazy thought?
2007l.html#0 John W. Backus, 82, Fortran developer, dies
aadsm27.htm#15 307 digit number factored
aadsm27.htm#14 307 digit number factored
2007k.html#32 SSL Security
aadsm27.htm#0 H6.2 Most Standardised Security Protocols are Too Heavy
2007i.html#17 John W. Backus, 82, Fortran developer, dies
2007h.html#26 sizeof() was: The Perfect Computer - 36 bits?
2007g.html#50 DNSSEC to be strangled at birth
2007g.html#32 Can SSL sessions be compromised?
2007d.html#60 SLL Certificate
aadsm26.htm#26 man in the middle, SSL
aadsm26.htm#25 EV - what was the reason, again?
2007c.html#51 Securing financial transactions a high priority for 2007
2007b.html#53 Forbidding Special characters in passwords
aadsm26.htm#18 SSL (https, really) accelerators for Linux/Apache?
2007.html#7 SSL info
2006x.html#36 SSL security with server certificate compromised
2006w.html#15 more secure communication over the network
aadsm26.htm#1 Extended Validation - setting the minimum liability, the CA trap, the market in browser governance
2006t.html#8 Root CA CRLs
aadsm25.htm#28 WESII - Programme - Economics of Securing the Information Infrastructure
aadsm24.htm#44 Case Study: Thunderbird's brittle security as proof of Iang's 3rd Hypothesis in secure design: there is only one mode, and it's secure
aadsm23.htm#47 Status of opportunistic encryption
aadsm23.htm#13 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
aadsm22.htm#17 Major Browsers and CAS announce balkanisation of Internet Security
aadsm22.htm#0 GP4.3 - Growth and Fraud - Case #3 - Phishing
2006p.html#7 SSL, Apache 2 and RSA key sizes
2006h.html#34 The Pankian Metaphor
2006h.html#27 confidence in CA
2006f.html#33 X.509 and ssh
2006e.html#10 Caller ID "spoofing"
2006d.html#34 When *not* to sign an e-mail message?
2006d.html#29 Caller ID "spoofing"
2006c.html#38 X.509 and ssh
2006c.html#16 X.509 and ssh
2006c.html#10 X.509 and ssh
2005v.html#3 ABN Tape - Found
2005u.html#9 PGP Lame question
2005t.html#34 RSA SecurID product
2005t.html#32 RSA SecurID product
2005o.html#42 Catch22. If you cannot legally be forced to sign a document etc - Tax Declaration etc etc etc
2005o.html#41 Certificate Authority of a secured P2P network
2005m.html#18 S/MIME Certificates from External CA
2005m.html#0 simple question about certificate chains
2005k.html#60 The Worth of Verisign's Brand
2005i.html#7 Improving Authentication on the Internet
2005i.html#3 General PKI Question
2005i.html#0 More Phishing scams, still no SSL being used
2005h.html#27 How do you get the chain of certificates & public keys securely
2005g.html#9 What is a Certificate?
2005g.html#1 What is a Certificate?
2005g.html#0 What is a Certificate?
2005e.html#51 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005e.html#45 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005e.html#22 PKI: the end
2005.html#35 Do I need a certificat?
2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#58 New Method for Authenticated Public Key Exchange without Digital Certificates
2004g.html#6 Adding Certificates
2004b.html#41 SSL certificates
2003p.html#20 Dumb anti-MITM hacks / CAPTCHA application
2003l.html#36 Proposal for a new PKI model (At least I hope it's new)
2003f.html#25 New RFC 3514 addresses malicious network traffic
2003d.html#40 Authentification vs Encryption in a system to system interface
2003d.html#29 SSL questions
2003.html#66 SSL & Man In the Middle Attack
2003.html#63 SSL & Man In the Middle Attack
2002p.html#9 Cirtificate Authorities 'CAs', how curruptable are they to
2002o.html#10 Are ssl certificates all equally secure?
2002n.html#2 SRP authentication for web app
2002m.html#65 SSL certificate modification
2002m.html#64 SSL certificate modification
2002m.html#30 Root certificate definition
2002j.html#59 SSL integrity guarantees in abscense of client certificates
2002d.html#47 SSL MITM Attacks
2001m.html#37 CA Certificate Built Into Browser Confuse Me
2001l.html#22 Web of Trust
2000e.html#40 Why trust root CAs ?
aadsm21.htm#39 X.509 / PKI, PGP, and IBE Secure Email Technologies
aadsm21.htm#24 Broken SSL domain name trust model
aadsm20.htm#44 Another entry in the internet security hall of shame
aadsm20.htm#43 Another entry in the internet security hall of shame
aadsm20.htm#42 Another entry in the internet security hall of shame
aadsm20.htm#31 The summer of PKI love
aadsm19.htm#42 massive data theft at MasterCard processor
aadsm19.htm#13 What happened with the session fixation bug?
aadsm18.htm#43 SSL/TLS passive sniffing
aadsm17.htm#60 Using crypto against Phishing, Spoofing and Spamming
aadsm17.htm#18 PKI International Consortium
aadsm15.htm#28 SSL, client certs, and MITM (was WYTM?)
aadsm15.htm#25 WYTM?
aadsm14.htm#39 An attack on paypal
aadsm13.htm#32 How effective is open source crypto? (bad form)
aadsm13.htm#26 How effective is open source crypto?
aadsm9.htm#cfppki5 CFP: PKI research workshop
aadsm8.htm#softpki6 Software for PKI
aadsm4.htm#5 Public Key Infrastructure: An Artifact...
aadsmore.htm#client3 Client-side revocation checking capability
aadsmore.htm#pkiart2 Public Key Infrastructure: An Artifact...

top, by subject: technology, networking, public key, integrity, Boyd - home


Digital Certificate Payload Bloat

2015d.html#25 "Trust in digital certificate ecosystem eroding"
2014m.html#85 Economic Failures of HTTPS Encryption
2014l.html#67 LA Times commentary: roll out "smart" credit cards to deter fraud
2014k.html#56 LA Times commentary: roll out "smart" credit cards to deter fraud
2014g.html#15 Is it time for a revolution to replace TLS?
2014f.html#17 Online Debit, Credit Fraud Will Soon Get Much Worse
2014e.html#47 TCP/IP Might Have Been Secure From the Start If Not For the NSA
2014c.html#60 Bloat
2014c.html#33 Royal Pardon For Turing
2013m.html#17 Steve B sees what investors think
2013j.html#33 8080 BASIC
2012j.html#62 The Myth of Password Complexity & Frequent Change Rules
2012i.html#73 Operating System, what is it?
2012d.html#31 Can SSL Certificate Checking System Be Saved?
2012d.html#26 Can SSL Certificate Checking System Be Saved?
2012b.html#71 Password shortcomings
2012.html#65 Reject gmail
2011n.html#7 Founders of SSL Call Game Over?
2011m.html#11 PKI "fixes" that don't fix PKI
2011k.html#74 Somewhat off-topic: comp-arch.net cloned, possibly hacked
211c.html#58 RISCversus CISC
2010o.html#67 CARD AUTHENTICATION TECHNOLOGY - Embedded keypad on Card - Is this the future
2010o.html#56 The Credit Card Criminals Are Getting Crafty
2010m.html#60 towards https everywhere and strict transport security
2010m.html#23 A mighty fortress is our PKI, Part II
2010m.html#3 Five Theses on Security Protocols
2010l.html#82 Five Theses on Security Protocols
2010l.html#59 A mighty fortress is our PKI
2010l.html#58 A mighty fortress is our PKI
2010h.html#25 In SSL We Trust? Not Lately
2010g.html#84 In SSL We Trust? Not Lately
2010b.html#69 Happy DEC-10 Day
2010b.html#62 Happy DEC-10 Day
2009s.html#49 Six Months Later, MasterCard Softens a Controversial PCI Rule
2009s.html#10 Why don't people use certificate-base access authentication?
2009r.html#72 Why don't people use certificate-based access authentication?
2009r.html#32 SSL certificates and keys
2009n.html#71 Sophisticated cybercrooks cracking bank security efforts
2009n.html#26 Signature specification without certificates
2009k.html#72 Client Certificate UI for Chrome?
2009k.html#60 The satate of software
2009j.html#33 IBM touts encryption innovation
2009g.html#23 Architectural Diversity
2009d.html#76 1960 Western Union Facsimile Services
2009d.html#38 Internet threat: Hackers swarm bank accounts
2009c.html#25 Crypto Craft Knowledge
2008q.html#0 GPG
2008l.html#31 Authentication in the e-tailer / payment gateway / customer triangle
2008k.html#40 Calling Out
2008j.html#43 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)
2008i.html#83 Certificate Purpose
aadsm28.htm#59 Information Security Vs. Businesss Resilience
aadsm28.htm#20 Fixing SSL (was Re: Dutch Transport Card Broken)
2008.html#8 folklore indeed
2008.html#7 folklore indeed
aadsm28.htm#1 2008: The year of hack the vote?
2007q.html#5 Windows Live vs Kerberos
2007n.html#63 Poll: oldest computer thing you still use
aadsm27.htm#35 The bank fraud blame game
2007m.html#27 nouns and adjectives
aadsm27.htm#26 A crazy thought?
aadsm27.htm#24 Why self describing data formats:
2007l.html#48 My Dream PC -- Chip-Based
aadsm27.htm#21 307 digit number factored
2007j.html#67 open source voting
aadsm27.htm#1 H6.2 Most Standardised Security Protocols are Too Heavy
2007i.html#17 John W. Backus, 82, Fortran developer, dies
aadsm26.htm#61 crypto component services - is there a market?
2007h.thml#31 sizeof() was: The Perfect Computer - 36 bits?
2007h.html#22 sizeof() was': The Perfect Computer - 36 bits?
2007f.html#75 Securing financial transactions a high priority for 2007
2007d.html#37 MAC and SSL
aadsm26.htm#34 Failure of PKI in messaging
2007d.html#10 The logic of privacy
aadsm26.htm#18 SSL (https, really) accelerators for Linux/Apache?
2006q.html#47 Smartcard reader with certificate inside the reader
aadsm25.htm#27 A note on vendor reaction speed to the e=3 problem
aadsm24.htm#31 DDA cards may address the UK Chip&Pin woes
aadsm24.htm#10 Naked Payments IV - let's all go naked
aadsm24.htm#5 New ISO standard aims to ensure the security of financial transactions on the Internet
2006k.html#38 PDP-1
2006k.html#20 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006k.html#19 Hey! Keep Your Hands Out Of My Abstraction Layer!
2006i.html#13 Multi-layered PKI implementation
2006h.html#28 confidence in CA
2006f.html#33 X.509 and ssh
2006f.html#29 X.509 and ssh
2006e.html#42 SSL Certificate Signing
2006e.html#8 Beginner's Pubkey Crypto Question
2006c.html#35 X.509 and ssh
2006b.html#37 X.509 and ssh
aadsm23.htm#51 Status of opportunistic encryption
aadsm23.htm#29 JIBC April 2006 - "Security Revisionism"
aadsm22.htm#4 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#3 GP4.3 - Growth and Fraud - Case #3 - Phishing
aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
2005t.html#6 phishing web sites using self-signed certs
2005r.html#54 NEW USA FFIES Guidance
2005o.html#31 Is symmetric key distribution equivalent to symmetric key generation?
2005n.html#33 X509 digital certificate for offline solution
2005m.html#15 Course 2821; how this will help for CISSP exam ?
2005l.html#37 More Phishing scams, still no SSL being used
2005l.html#36 More Phishing scams, still no SSL being used
2005l.html#35 More Phishing scams, still no SSL being used
2005l.html#29 Importing CA certificate to smartcard
2005l.html#23 The Worth of Verisign's Brand
2005l.html#12 The Worth of Verisign's Brand
2005l.html#7 Signing and bundling data using certificates
2005i.html#7 Improving Authentication on the Internet
2005i.html#4 Authentication - Server Challenge
2005i.html#3 General PKI Question
2005i.html#2 Certificate Services
2005h.html#27 How do you get the chain of certificates & public keys securely
2005h.html#25 couple more Q's on basic public key encryption techniques
2005g.html#45 Maximum RAM and ROM for smartcards
2005g.html#9 What is a Certificate?
2005f.html#62 single-signon with X.509 certificates
2005e.html#45 TLS-certificates and interoperability-issues sendmail/Exchange/postfix
2005e.html#38 xml-security vs. native security
2005e.html#22 PKI: the end
2004m.html#23 Help! I'm trying to understand PKI - especially CA's role
2004j.html#9 Smart card Authentification
2004j.html#7 New Method for Authenticated Public Key Exchange without Digital Certificates
2004j.html#6 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#18 New Method for Authenticated Public Key Exchange without Digital Certificates
2004i.html#16 New Method for Authenticated Public Key Exchange without Digital Ceritificates
2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates
2004h.html#51 New Method for Authenticated Public Key Exchange without Digital Certificates
2004g.html#5 Adding Certificates
2003k.html#66 Digital signature and Digital Certificate
2003g.html#47 Disk capacity and backup solutions
2001f.html#79 FREE X.509 Certificates
2000f.html#15 Why trust root CAs ?
aadsm20.htm#17 the limits of crypto and authentication
aadsm20.htm#11 the limits of crypto and authentication
aadsm20.htm#5 the limits of crypto and authentication
aadsm19.htm#40 massive data theft at MasterCard processor
aadsm19.htm#33 Digital signatures have a big problem with meaning
aadsm19.htm#17 What happened with the session fixation bug?
aadsm19.htm#11 EuroPKI 2005 - Call for Participation
aadsm18.htm#52 A cool demo of how to spoof sites (also shows how TrustBar preventsthis...)
aadsm18.htm#31 EMV cards as identity cards
aadsm18.htm#29 EMV cards as identity cards
aadsm18.htm#27 EMV cards as identity cards
aadsm18.htm#7 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#6 dual-use digital signature vulnerability
aadsm18.htm#5 Using crypto against Phishing, Spoofing and Spamming
aadsm18.htm#1 dual-use digital signature vulnerability
aadsm17.htm#54 Using crypto against Phishing, Spoofing and Spamming
aadsm17.htm#41 Yahoo releases internet standard draft for using DNS as public key server
aadsm17.htm#4 Difference between TCPA-Hardware and a smart card (was: examp le: secure computing kernel needed)
aadsm16.htm#21 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
aadsm13.htm#10 X.500, LDAP Considered harmful Was: OCSP/LDAP
aepay10.htm#76 Invisible Ink, E-signatures slow to broadly catch on (addenda)

top, by subject: technology, networking, public key, integrity, Boyd


(other) Postings by various subjects

360/370 m'code
First 360 PCM/OEM Controller
Misc. 545 Tech Sq and Cambridge Science Center
Disk Engineering
Performance and/or Scheduling
Cluster, High Availability and/or Loosely-Coupled
APL and/or HONE
Multiprocessor, tightly-coupled, SMP, compare&swap
Working Set, LRU, WSClock Page Replacement Algorithm
Misc. subthreads:
801 &/or ROMP
Misc. mainframe related threads:
Memory Mapping & File System
Backup, storage management
Benchmarking, workload profile, capacity planning
Future system
Problem determination, zombies, dump readers
System/R, SQL/DS, misc RDBMS
Location/address independent code
Misc. commercial time-sharing
peer-coupled shared data
GML origin at science center
misc VAMPS and/or bounce lock
continuous availability, disaster survivability, geographic survivability
mentioning HASP
IBM DASD, CKD, FBA, vtocs, multi-track search, etc
BDAM and/or CICS
Unbundling and charging for software
Misc. Bitnet, Earn
HSDT, HYPERChannel
Misc. ARPANET, NSFNET, Internet
OSI and High Speed Protocol
Misc. Interop '88 references
Misc. Internal Network references
RFC1044 Implementation
Various Terminal Emulation issues
Computer Mediated Conversation
3 tier, middle layer, SAA
Original Payment Gateway

three factor authentcation
Assurance
some mention of EU FINREAD
Risk, Fraud, Exploits, Vulnerabilities
Account Number Harvesting
postings mentioning MITM attacks
Buffer overflows, overruns, exploits
Secrets and Account numbers
Counterfeit YES CARDS
Naked Transaction Metaphor
Boyd
other Boyd references from around the web

top, by subject: technology, networking, public key, integrity, Boyd - home