|
From: | Jacob Bachmeyer |
Subject: | Re: [Taler] [address@hidden: 'Oh, that's an idea...': U.S. parents respond to China screen time ban] |
Date: | Tue, 07 Sep 2021 20:05:49 -0500 |
User-agent: | Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.8.1.22) Gecko/20090807 MultiZilla/1.8.3.4e SeaMonkey/1.1.17 Mnenhy/0.7.6.0 |
Jeff Burdges wrote:
On 7 Sep 2021, at 05:17, Richard Stallman <rms@gnu.org> wrote: how does that relate to practical questions, such as whether the server implements DRM and the browser helps?I've never spoke about DRM here and DRM seems totally off-topic.Jacob miss-read my comment because I wrote "their own browser would not do so” when I should’ve written "their own browser could not do so.” In my defence, my entire long comment was about a type of cryptographic ring signature, and human language has plenty of error correction, so it’s completely disingenuous to suddenly read in DRM over one c being a w.
Correct; I misread your comment. A better way to write that would have been "their browser would be unable to complete the session negotiation" or similar and explain that the server is specifically demanding a zero-knowledge proof.
On balance, this looks similar to TLS client certificates, except that the server is unable to determine *which* client is opening a session. This is considerably less nasty than your imprecision had hinted at earlier.
How does your proposed system handle a "borrowed" or outright stolen user key? The server cannot identify the user, so how can Mallory walking off with a copy of Alice's key be detected?
-- Jacob
[Prev in Thread] | Current Thread | [Next in Thread] |