|
|
 |
| Author |
Message |
Roedy Green
|
 Posted: 10/26/2007 2:57:00 AM |
Top |
java-programmer, Telephonic Credentials
I think it would be nice if I could prove to someone on the other end
of the phone I am me, and demand they prove they are who they claim to
be.
It could be done by letting a modem kick in for a second to exchange
challenge phrases to be encrypted by identification certificate that
might include name, address, phone number, expiry date, company.
Then if some charity I donate to phone me, I can be sure it is them.
There are so many scams out there.
It might also be done by each of us contacting an Internet server.
Has anyone heard of such projects?
--
Roedy Green Canadian Mind Products
The Java Glossary
http://mindprod.com
|
| |
|
| |
|
Daniel Pitts
|
| Posted: 10/26/2007 5:34:00 AM |
Top |
java-programmer >> Telephonic Credentials
Roedy Green wrote:
> I think it would be nice if I could prove to someone on the other end
> of the phone I am me, and demand they prove they are who they claim to
> be.
>
> It could be done by letting a modem kick in for a second to exchange
> challenge phrases to be encrypted by identification certificate that
> might include name, address, phone number, expiry date, company.
>
> Then if some charity I donate to phone me, I can be sure it is them.
>
> There are so many scams out there.
>
> It might also be done by each of us contacting an Internet server.
>
> Has anyone heard of such projects?
I don't know about phone based security, but I know that the concept is
used in PGP and GPG.
Basically, you can ask the person to cryptographically sign something.
For instance, if they have a private key, and you have a public key
(which you know is theirs), ask them to encrypt a simple,
random-each-time value. Then verify that the trusted public key can
decrypt that value. This verifies that the caller has access to the
private key that matches the public key you tested.
Of course, you still have to be sure that the public key is the public
key of the entity you believe it is.
Actually, you can do the other way around too. Encrypt something with
the public key, ask them to decrypt it and tell you want it was.
--
Daniel Pitts' Tech Blog: <http://virtualinfinity.net/wordpress/>
|
| |
|
| |
|
Greg R. Broderick
|
| Posted: 10/26/2007 7:50:00 AM |
Top |
java-programmer >> Telephonic Credentials
Roedy Green <email***@***.com> wrote in
news:email***@***.com:
> I think it would be nice if I could prove to someone on the other end
> of the phone I am me, and demand they prove they are who they claim to
> be.
http://en.wikipedia.org/wiki/Automatic_number_identification
Already there.
--
---------------------------------------------------------------------
Greg R. Broderick email***@***.com
A. Top posters.
Q. What is the most annoying thing on Usenet?
---------------------------------------------------------------------
|
| |
|
| |
|
Lew
|
| Posted: 10/26/2007 1:10:00 PM |
Top |
java-programmer >> Telephonic Credentials
Greg R. Broderick wrote:
> Roedy Green <email***@***.com> wrote in
> news:email***@***.com:
>
>> I think it would be nice if I could prove to someone on the other end
>> of the phone I am me, and demand they prove they are who they claim to
>> be.
>
> http://en.wikipedia.org/wiki/Automatic_number_identification
>
> Already there.
That doesn't speak to identifying the participant, at least not until phone
numbers represent the unique subcutaneous transponder for each individual.
--
Lew
|
| |
|
| |
|
Roedy Green
|
| Posted: 10/26/2007 8:06:00 PM |
Top |
java-programmer >> Telephonic Credentials
On Fri, 26 Oct 2007 01:09:41 -0400, Lew <email***@***.com> wrote,
quoted or indirectly quoted someone who said :
>That doesn't speak to identifying the participant, at least not until phone
>numbers represent the unique subcutaneous transponder for each individual.
I elaborate on the project and how you might implement it at
http://mindprod.com/project/telid.html
--
Roedy Green Canadian Mind Products
The Java Glossary
http://mindprod.com
|
| |
|
| |
|
| |
|
