Menu
▾
▴
Re: [Opensc-devel] SKS/KeyGen2 for Linux
|
From: Jean-Michel P. - G. <jm...@go...> - 2013-08-23 12:06:26
|
Le vendredi 23 août 2013 à 13:39 +0200, NdK a écrit :
> Your bank asks access to your token. You grant it the right to create
> keys and from this moment it cak create new keys "on your token" when
> needed.
What you call a "bank" can later access your keyring and add
information. Enrollment process is direct from provider to final
consumer without SO-Officer. Final consumer may not be aware of security
considerations. With Facebook, Google and various online services, there
is a tendency to "overclick" when a flow of information is send to final
user. And who is controlling the security provider and in which country
is situated what you call "cloud" and what is the legislation? Does the
legislation of provider apply or legislation of the user?
The "bank" is asking for my laptop and tells me "Ok, we can take care of
your laptop, go and have a beer while we add keys in your laptop, under
our own laws".
Just my 2 cents.
Kinds regards,
--
Jean-Michel Pouré - Gooze - http://www.gooze.eu
|
