Silicon Investor (SI) -- The First Internet Community

STOCKTALK

We've detected that you're using an ad content blocking browser plug-in or feature. Ads provide a critical source of revenue to the continued operation of Silicon Investor. We ask that you disable ad blocking while on Silicon Investor in the best interests of our community. If you are not using an ad blocker but are still receiving this message, make sure your browser's tracking protection is set to the 'standard' level.

Technology Stocks : Novell (NOVL) dirt cheap, good buy? -- Ignore unavailable to you. Want to Upgrade?

To: Bearded One who wrote (28125)	9/15/1999 2:19:00 AM
From: Scott C. Lemon	Read Replies (1) \| Respond to of 42771

Hello Bearded One, > I think that this problem is addressed by public-key algorithms. Yes ... we are both talking about the same things here ... > The key is to encrypt using two keys, your private key and the > public key of the person to whom you are sending the attribute. I'd actually encrypt with their public, and then sign the value with my private. > Say I have an attribute A which I want Alice to be able to view. I > use Alice's public key and my private key to encrypt A, and Alice > can then view A with her private key and my public key. Or, more to > the point, I keep a list of public keys of the people whom I want > to allow to read attribute A and encrypt with the appropriate key + > my private key when that person comes calling. If I want to revoke > access for person X, I simply drop X's public key from my list. So this brings up the very important parts - are we talking about the "transmission" of data from one person to the other, or the "storage" of that data in the "vault"? It is one thing to encrypt and sign data before transmitting it to another person, but what format will it be in when it is in the "vault"? Do I have encrypted versions saved for everyone that I have granted access? If it is only encrypted "on the fly" when read occurs, then it still doesn't explain what the "vault" storage format would be ... it must be "unencrypted" so that it can "encrypted" for each person. Even if it's stored in some "encrypted" format, that only I have keys for, it must somehow be unencrypted and then re-encrypted with the public key of the person I'm sharing with. How did that work? Did the "vault" provide this service? Then it must have had my keys ... without my involvement? Sorry ... even on my safety deposit box they can't open it without me. I'm all for the encryption of transmission ... I think that is inevitable ... but the storage comes back to trust models, IMHO. Scott C. Lemon