« November 2005 | | January 2006 »
December 15, 2005
In Class This Week ...
I discussed digital signatures in my last class. One of the students asked me why the sender would bother to encode the message digest using its private key. After all, anyone can obtain the sender's public key and decode the message, so why bother encoding it at all?
I tried three or four answers to that question -- none made much sense to the class (or me) -- it became a real mish-mash of a lecture. Finally, I gave up and said I'd email the answer as soon as I could figure it out.
Because it was the last lecture, I then passed out the course evaluation forms. Given the mish-mash I'd just made, I'm not looking forward to their opinions on "clarity of instructor's explanations" and "knowledge of the instructor." Why fall on my face immediately prior to the evaluations? Oh, well.
Posted by DavidK at 04:20 PM | Comments (0)
Authentication vs. Encryption
I'd have been desperate to find the answer before the final, but I had a secret resource: Ray Panko at the University of Hawaii. In desperation I emailed Ray and, like always, he straightened me out. His response:
"The digital signature is about authentication (and message integrity), not confidentiality. In authentication, the sender has to prove they have something nobody else could have. In this case, it is their private key. Any recipient can get the digital certificate of the party the sender is claiming to be. This cert contains the claimed person's public key. Thus, any receiver can check the message's digital certificate for authentication."
That makes sense. Thus, there are two uses for public and private keys. For confidentiality, encode the plaintext with the receiver's public key. For authentication, encode the message digest (or other message to be authenticated) with your own private key. Your private key authenticates you.
Can I claim I'm modeling coping with failure and the importance of networking?
Posted by DavidK at 04:18 PM | Comments (0)
MIS Cases ...
John Lundin at San Jose State structures his MIS class around cases. He sent me three links to cases he's using this term:
John is known for his superb case presentations and he agreed to video his presentation of at least one of them next year. I'm thinking that we could create a section on this site that would have web streaming videos -- not only of John, but of anyone else who's making videos that would be useful to the rest of the TeachingMIS community. Thoughts to be continued ...
Posted by DavidK at 04:15 PM | Comments (0)
Character Assassination on Wiki
Someone posted a malicious, false biography of John Seigenthaler on Wikipedia. After some effort, Mr. Seigenthaler convinced Wiki to remove the false content, but efforts to learn the identity of the entry's author were fruitless. Wikipedia gave him an IP address that led to a customer of BellSouth Internet. Repeated requests to BellSouth's Abuse Team generated no information:
"Major communications Internet companies are bound by federal privacy laws that protect the identity of their customers, even those who defame online. Only if a lawsuit resulted in a court subpoena would BellSouth give up the name."
Read the whole thing at USA Today.
The big question here is, of course, what happens when anonymous sources can publish anything, without consequence, on a worldwide public forum? How do we preserve the character of the Web while protecting legitimate interests from slander? Good grist for an MIS class discussion, I think.
Posted by DavidK at 04:13 PM | Comments (0)
What's This about???
Microsoft annouced that it's co-sponsoring an XML standard called Open Office XML. This XML standard will be the default file format for Office 12, the next version of Microsoft Office.
Why does Microsoft want to facilitate the sharing of its documents with non-Microsoft products? Why does it want .doc, .xls, and .ppt documents to be readily readable by other products? Why does it want to enable DK Enterprises to produce the lightweight word processor that I really want (it looks a lot like Word 3.0, by the way).
Microsoft acts only to further its interests (as well it should!). So, what's the angle? It must believe that DK Enterprises cannot threaten Office sales ... and Sun's Open Office reads the Office binary files anyway ... so they're losing nothing with this standard and they are promulgating XML. Maybe use of XML benefits Microsoft's own product offerings? Makes the Office 12 suite sweeter? I have a nagging feeling I'm missing the real story. Any ideas?
Posted by DavidK at 04:11 PM | Comments (0)
End of Quarter Madness
This past week I've been wrapping up class, giving and grading finals, etc., and I haven't been able to blog. Lots of ideas have been submitted to me via email, however, that I will publish over the next several weeks.
Posted by DavidK at 04:08 PM | Comments (0)