More apropos, there are some interesting posts on how to turn the MD5 collision attack into a useful attack involving primes. John Kelsey suggested one and several posts pursue it. Start here.
Which is looking good and it is nice to see some critical attention to Kim Cameron's Laws on Identify(ing Microsoft's Future Customers). (See also here Stefan Brands' blog for more on Identity.)
Mind you, Ben claims that x.509 is not suitable because "standard X.509 statements are verifiable, but not minimal nor unlinkable." I'm troubled by that word "verifiable." Either an x.509 cert points to somewhere else and therefore it in itself is not verifiable, just a reliable pointer to somewhere else, or the somewhere else is included in which case we are no longer talking about x.509.
Still, this is one of those debates where words twist their meaning faster than the average security guy can think, so let's save that for the bar.
Welcome!Posted by iang at October 13, 2005 03:03 PM | TrackBack