INFS 766, NG Spring 2004, Assignment 2

Ravi Sandhu

Due 6/15/04 in class.


This is an individual assignment. You are required to solve it on your own using whatever material you like. Please ssubmit the following honor code statement with your solution:


I have not taken any help on this assignment from anyone and not provided any help to anyone. The solution has been entirely worked out by me and represents my individual effort.


Please submit hard copy with the honor code statement. Your solution should be presented as a technical paper and should read smoothly and with continuity. Any additional references used should be accurately cited. Keep a copy for your records and reference. Any clarification questions regarding the assignment should be emailed to Clarifications will be posted on this page as needed. If you will not be in class on 6/15/04 please submit by email to or by fax to 253-563-3509. (For email submission a simple statement of the honor code is sufficient, physical signature is not required.)


Answer both questions. For both questions provide a word count. Figures and Tables are exempted from the word count. Both questions have equal weight.


1.      Write a 500 word critical review of the following paper.

         Keyjacking: Risks of the Current Client-side Infrastructure
Paper (PDF), Presentation (PDF)
John Marchesini, S. W. Smith, Meiyuan Zhao, Dartmouth College

2nd PKI Research Workshop, 2003. 


1.      Read the following column in the Feb 2004 issue of IEEE Computer.


         Simplifying public key management
Gutmann, P.
Computer, Vol.37, Iss.2, Feb. 2004
Pages: 101- 103


Write a 500 word article in response to this column. Tell me what you think about this column, including omissions, errors and areas where you disagree or agree with the author. Provide a list of additional sources used in your response. (This list does not count towards the 500 word limit.)