My opinion is that data signatures are not the correct way to go. Even the
term "signature" seems to imply that can be forged or duplicated.
I think that the same technique used for one-way encryption keys are a
better way to go.
----------
From: owner-hp3000-l
To: Multiple recipients of list HP3000-L
Subject: Thoughts on digital signatures and certificates?
Date: Monday, September 23, 1996 4:33PM
Group:
I was wondering if anyone else has been looking into Netscape ONE intranet
software. They are using digital signatures and a certificate server to
authenticate access. The beauty of certificates is that you simply register
them where you want to do business, like opening a charge account. The
method assures the retailer that you are indeed who you say you are -
anywhere on the Internet.
Will "portable" security be the way of the future? What will become of the
highly centralized DCE and Kerberos?
----------------------------------------------------------------
Eric J. Schubert Excellence In Service, Senior Analyst
Univ of Notre Dame, IN USA Office of Information Technologies
(219) 631-7306 http://www.nd.edu/~eschuber
"Innovate - not imitate"