|
TN0003: Some Thoughts about Trust The overlooked question: Which computer do you trust so much that you allow it to decrypt and use your most personal information? The answer to this question determines the architecture of the software you use. Alternative One: You trust your client computer [Because you own it or it is your regular workstation or it is your mobile phone or PDA.] In this case you can store pointers to the storage form of your cyberbody on this computer. The software installed asks for your password and retrieves your cyberbody. From then on, it acts like a browser starting helper applications that access your services with the given authorization information. Alternative Two: You don't trust your client computer [Because you are in an Internet cafe.] In this case you have to be paranoid. Whatever you type in might end up in your adversary's hands a few minutes later. This means that you can only use this computer to access another computer that you trust (a web server) and make this trusted computer act on your behalf. This also means that the untrusted client can only use one-time passwords for accessing the trusted server. For Alternative One, a suitable implementation would be a Java Application presenting a user's desktop, and starting helper applications like mail reader, web browser, text editors when asked to. For Alternative Two, a suitable implementation on the client side seems to be a web brower executing a donwloaded Java applet (downloaded from the trusted server) which would only send graphical information back and forth. The desktop logic, and the helper applications described in Alternative One would reside on the trusted server and send their screen output over the Net to the Applet running on the client. (c) July 19, 2001 by Carsten Kuckuk, Ludwigsburg, Germany, E-Mail: ck@kuckuk.com, permission is granted to modify and distribute this document in its entirety in the spirit of the GPL license . Document History First Version: July 19, 2001 sent as an e-mail to the mailing list auth@dotgnu.org Questions? If you have any questions, please send e-mail to Carsten Kuckuk at . |