James A. Donald
jamesd at echeque.com
Fri Sep 23 21:45:27 EDT 2011
>>> And further, you should have a client app on your computer for dealing with
>>> shared secrets, which is only capable of attempting a visa payment with an
>>> entity trusted by Visa.
On 2011-09-24 4:06 AM, John Levine wrote:
> I don't see how to do that in a useful way without non-programmable
> hardware. We've seen PC-based malware do pretty much any MITM attack
> you can imagine.
Most computers are not controlled by malware, and the malware argument
is as much an argument against existing ssl/https/pki as it is against
any alternative to ssl/https/pki
More information about the cryptography