dotgnu-auth

[Auth]Some thoughts about Trust


From: Carsten Kuckuk
Subject: [Auth]Some thoughts about Trust
Date: Thu, 19 Jul 2001 00:46:18 +0100

The overlooked question:

Which computer do you trust so much that you allow it to decrypt and use
your most personal information? The answer to this question determines
the architecture of the software you use.

Alternative One: You trust your client computer
[Because you own it or it is your regular workstation or it is your
mobile phone or PDA.] In this case you can store pointers to the storage
form of your cyberbody on this computer. The software installed asks for
your password and retrieves your cyberbody. From then on, it acts like a
browser starting helper applications that access your services with the
given authorization information.

Alternative Two: You don't trust your client computer
[Because you are in an Internet cafe.] In this case you have to be
paranoid. Whatever you type in might end up in your adversary's hands a
few minutes later. This means that you can only use this computer to
access another computer that you trust (a web server) and make this
trusted computer act on your behalf. This also means that the untrusted
client can only use one-time passwords for accessing the trusted server. 

For Alternative One, a suitable implementation would be a Java
Application presenting a user's desktop, and starting helper
applications like mail reader, web browser, text editors when asked to. 

For Alternative Two, a suitable implementation on the client side seems
to be a web browser executing a downloaded Java applet (downloaded from
the trusted server) which would only send graphical information back and
forth. The desktop logic, and the helper applications described in
Alternative One would reside on the trusted server and send their screen
output over the Net to the Applet running on the client.

Carsten Kuckuk
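
The one-time-password requirement in Alternative Two, as an added example that is not part of the original message: a Lamport-style hash chain, chosen here as an assumption because the message does not name a scheme. `TrustedServer`, `chain` and the seed value are hypothetical names and constructed data; the point shown is that a password captured on the untrusted client cannot be replayed or used to derive the next one.

```python
import hashlib
import hmac


def h(data: bytes) -> bytes:
    """One step of the hash chain (SHA-256)."""
    return hashlib.sha256(data).digest()


def chain(seed: bytes, n: int) -> bytes:
    """Apply h() to seed n times."""
    value = seed
    for _ in range(n):
        value = h(value)
    return value


class TrustedServer:
    """Stores only the last accepted chain value, never the seed."""

    def __init__(self, anchor: bytes, remaining: int):
        self.last = anchor          # h^n(seed), registered from a trusted machine
        self.remaining = remaining  # how many one-time passwords are left

    def login(self, otp: bytes) -> bool:
        if self.remaining == 0:
            return False
        # A valid password hashes to the previously accepted value.
        if not hmac.compare_digest(h(otp), self.last):
            return False
        self.last = otp             # the used password becomes the new anchor
        self.remaining -= 1
        return True


def demo() -> dict:
    seed = b"constructed-sample-seed"   # constructed value, never typed on the cafe PC
    n = 5
    server = TrustedServer(chain(seed, n), n)
    # Passwords precomputed on a trusted device, e.g. carried as a printed list.
    otp1 = chain(seed, n - 1)
    otp2 = chain(seed, n - 2)
    return {
        "first_login": server.login(otp1),
        "replay_of_captured": server.login(otp1),  # same value sent a second time
        "forward_guess": server.login(h(otp1)),    # hashing forward gives nothing new
        "next_login": server.login(otp2),
        "remaining": server.remaining,
    }
```

This protects only the login secret; whatever the session displays or accepts on the untrusted client is still visible to it, which is why the message keeps the desktop logic on the trusted server.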

