From the News...

From: Ira Abramov (Lists-Linux-IL_at_nonexisting.hamakor.org.il)
Date: Sun 23 Feb 2003 - 16:58:13 IST

• Next message: Josh Roden: "Problem with apache."
• Previous message: Alex Shnitman: "RE: Problem with Pth or make or what?"
• Next in thread: Nadav Har'El: "Re: From the News..."
• Reply: Nadav Har'El: "Re: From the News..."
• Maybe reply: Yosi: "Re: From the News..."
• Reply: Oron Peled: "Re: From the News..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

another stage in getting digital signatures not only an empty law but a
reality in Israel:
http://www.ynet.co.il/articles/1,7340,L-2439240,00.html

interesting questions: who can trust the trustee? When you make an SSL
key, the part you send verisign is only your public key, not the private
one. The procedure in the article describes a case where a company
issues you the entire key pair. should I trust that key, coming on a
card or paper or my ID, where the secret key was not generated on
hardware I control (i.e. trust)? I don't need to tell you how damn
annoying it would be to discover the shabak has your secret key as well
:)

and even if I overcome that hurdle, how can I trust the software? to log
into a secure government site I'd have to swipe my card on my home
machine. sounds cool until you think closer: does the reader do the
authentication or does it pass the key to the main CPU? is the program
on the CPU that does the authentication trustable (i.e. locally viewable
and compilable program or an ActiveX downloaded with the page that does
who-kn0ws-what with your private key?).

in other words - Will Comsign sign my GPG key instead? :)

I went to the comsign.co.il website. the first thing I got was an ASP
cookie (not reassuring) which I naturally declined, the rest of the site
was not navigatable without MSIE. natch..
http://www.comsign.co.il/Products/ doesn't say anything about PGP, but
then again, I can't seem to find anything about verisign's PGP services
anymore on their own site (which I remember seeing once in the past)

-----------

The Digital Gap - lots of budgets and lots of activity, but this
reporter claims there are no results yet, and reports on partial
statistics:
http://www.ynet.co.il/articles/0,7340,L-2442554,00.html

the solution offered these days - yet another comittee to synchronise
efforts. I'd point out to anyone following these efforts to watch the
non-government projects, as they spring from real-world needs and not as
political extravaganzas.

-----------

finally, a cute gadget item: Nokia'r self out with a
cellphone/game/mp3/radio combo with a screen of a sub-notebook. ima'le!
http://www.ynet.co.il/articles/0,7340,L-2442614,00.html

-- 
Tried and tested
Ira Abramov
http://ira.abramov.org/email/ This post is encrypted twice with ROT-13.
Documenting or attempting to crack this encryption is illegal.
=================================================================
To unsubscribe, send mail to linux-il-request_at_linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request_at_linux.org.il

• Next message: Josh Roden: "Problem with apache."
• Previous message: Alex Shnitman: "RE: Problem with Pth or make or what?"
• Next in thread: Nadav Har'El: "Re: From the News..."
• Reply: Nadav Har'El: "Re: From the News..."
• Maybe reply: Yosi: "Re: From the News..."
• Reply: Oron Peled: "Re: From the News..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2.1.7 : Mon 06 Oct 2003 - 23:44:22 IST