Nelson B wrote: > Peter Djalaliev wrote: > >> [...] another disadvantage of PKI is that it authenticates only user >> identity, not remote host integrity. > > Disadvantage, as compared to what? > Something that doesn't exist yet? > Big Brother? > > Full blown TPM is not the answer: User's don't want Big Brother. > > However, most TPM chips today also serve as FIPS 140 hardware crypto > modules, which provide a good solution to the compromised private key > problem. I think good hardware crypto modules that make compromised > private keys impossible (or nearly so) are a reasonable solution. > Big Brother is not.
Security (encryption) comes in various levels, and we all knew this, so why not make this clear in the UI? Why not add TPM as the top of the notch (and please forgive me; but get over this Big Brother thing you keep referring to) and level down to zero/red or whatever for plain http? -- Michael Vincent van Rantwijk - MultiZilla Project Team Lead - XUL Boot Camp Staff member (ActiveState Training Partner) - iPhone Application Developer _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
