confusion

Article:		Terence Spies on Identity-Based Encryption
Subject:		confusion
Date:		2003-08-14 07:28:21
From:		anonymous2

I'm confused as to how the access-control-string, which is the crux of the security mechanism, is used as a secure authentication device. It would seem that in this system, the email is no more secure than the recipient's email system, so while it may protect while in transit, if I get control of the recipient's account, I could read messages. How is this better than just sendmail on top of ssl? (assuming such a beast can be built) Also, what is to stop me from caching a time-sensitive key, thereby allowing me to read messages past their expiration? Perhaps if you outlined what was assumed trusted vs untrusted I could get a better feel for how the system works. Johan

View All RSS Feeds >

800-889-8969 or 707-827-7019
Monday-Friday 7:30am-5pm PT
©2011, O'Reilly Media, Inc.
All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.