Re: OT: Smartcards and Physical Security
On Wed, Dec 03, 2003 at 09:32:37AM -0600, Manoj Srivastava wrote:
> On Wed, 3 Dec 2003 14:17:18 +1100, Russell Coker <email@example.com> said:
> > On Wed, 3 Dec 2003 12:34, Don Armstrong <firstname.lastname@example.org>
> > wrote:
> >> The problems associated with them aren't too terribly different
> >> from those associated with keys or other forms of physical
> >> security, notably, that they can be stolen, or the output from them
> >> duplicated.
> > Using a smart-card means that logging in does not merely require
> > "something you know" but also "something you have". All the good
> > security guides say that security should depend on "something you
> > know and something you have", smart-cards plus a password meets this
> > criteria.
> An even better security guideline is "something you are" -- so
> should we not spring for retinal scanners/fingerprint readers/other
> buiometrics? I mean, we _are_ talking about other peoples money. :P
> > GPG smart-cards are entering the market. If GPG is crackable then
> > we have lost regardless. If GPG is secure then GPG smart-cards will
> > do as long as they are not stolen. Having revokation proceedures
> > for stolen cards and DD's reliable enough to follow them should deal
> > with this.
> Laptops with biometric print readers are supposed to be around
> the horizon as well.
So let's get one such sponsored for every DD ?