[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

verisign digital id's for outlook <shudder>

To: [email protected]
Subject: verisign digital id's for outlook <shudder>
From: jkthomson <[email protected]>
Date: Fri, 06 Nov 1998 21:06:08 +0000
Sender: [email protected]




A quick question for all you security-savvy people.  Our IT instructor has
asked the class to sign up for verisigns' 60-day trial of a class 1 digital
id.  

pfaugh.  give me a copy of PGP anyday!  at least I can (easily) take my
keys with me!

I also understand that a well (poorly?) written activeX applet can grab my
key basically without my knowledge (to speak nothing of the other myriad
holes in win98/95)

My question is, where the hell is the private key kept on the users box?
How is it protected against attack? I had to voice my displeasure with the
instructor that I could not take the ID with me on a floppy so that the
night class would not have potential access, but got the usual 'it is
secure enough, let it be' attitude.

Thanks in advance for any information!

 

-----------------------------------------------------------------------
 james 'keith' thomson <[email protected]>  www.bigfoot.com/~ceildh
 jkthomson:C181 991A 405C EAFB 2C46 79B5 B1DC DB78 8196 122D [06.07.98]
 ceildh   :1D79 59AF ED75 5945 6003 8240 DA34 ACCA 9DE4 6BC9 [05.14.98]
 ICQ:354111 <keys> at pgp.mit.edu     ...and former sysop of tnbnog BBS
-----------------------------------------------------------------------
"You shouldn't overestimate the IQ of crooks." - Stuart Baker, of NSA
explaining why crooks and terrorists who are smart enough to use data
encryption would be stupid enough to choose DES
=======================================================================

Prev by Date: ASHCROFT 2000 RIP?
Next by Date: Re: dbts: Privacy Fetishes, Perfect Competition, and the Foregone (fwd)
Prev by thread: ASHCROFT 2000 RIP?
Next by thread: Re: verisign digital id's for outlook <shudder>
Index(es):
- Date
- Thread