Re: [saag] SHA-1 to SHA-n transition

Peter Gutmann <pgut001@cs.auckland.ac.nz> Wed, 04 March 2009 06:40 UTC

From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: jhutz@cmu.edu, saag@ietf.org

Jeffrey Hutzelman <jhutz at cmu.edu> writes:

>You seem to imply that only weird technical people have or use more than one
>computer. This is certainly not true; many people have a computer at home and
>one at work, and many of those are quite non-technical. Computers have become
>commonplace desktop items both in the home and in the office.

Thanks, you just won me $20.

(The wager was that, no matter how many disclaimers and explanatory comments I 
add (e.g. "not perfect but works for most of the people most of the time and 
it's a damn sight better than what we have now"), someone will always, always 
pipe up with some variation of "I own eight computers and this would never 
work for me and therefore it won't work for anyone else either".  As long as 
there are at least 2-3 geeks in the audience and they're not HCI people, this 
one never fails).

>Also, telling people "if the disk on your home PC dies, your life is over" is
>a good way to get them _not_ to use a scheme like this.

How is this different from the fact that if the never-backed-up 250GB disk
full of financial records, family photos, personal letters, and business data
on their PC dies their life is over anyway, whether there's crypto info on
there or not?  If you think that having to do a password reset for the few
critical accounts that actually matter and re-enrolling for
www.knittingpatterns.com is in the same league as losing your business account
records and the last photos taken of your parents before they passed away then
you seem to have a somewhat odd interpretation of "a life" :-).

Peter.