Key distribution via NFC

[NdK]

Il 04/07/2014 05:54, Robert J. Hansen ha scritto:

> If someone asks you for your certificate, you don't have to
> trade a SHA-1 fingerprint -- just put down your keychain and let the
> person wave a cell phone over it.
Just place in the tag the URL where to retrieve your key.

> Obviously there are risks associated with NFC, and I haven't done any
> real looking at the security model of NFC -- it's very likely there are
> big things I'm overlooking.  But the ability to store 400 bytes, to
> access it quickly and easily, and all in a tag that costs less than a
> dollar and can be read with almost any modern smartphone, is kind of cool.
Or, as suggested, use the whole phone as a smart tag, placing it in
"device mode" with a suitable applet that sends your whole key w/o the
limit of 400 bytes.

Too bad it's quite easy to reprogram the tags, IIUC, so the applet
method should be preferred. IMOP, such an applet should be able to use
bluetooth, too, to allow sending the key to non-nfc enabled phones (but
maybe a simple file manager could be enough for this? Maybe some file
managers already allow to send via NFC too)...

BYtE,
 Diego.