[Cryptography] Client certificates as a defense against MITM attacks
Thierry Moreau
thierry.moreau at connotech.com
Mon Mar 17 08:43:59 EDT 2014
On 03/16/14 13:56, Jerry Leichter wrote:
>
> Am I missing something obvious here?
Maybe you merely (re-)invented the HTML cookie holding the client
private key.
More or less explicitly, the "first party certification paradigm" seems
attractive to you: no CA-in-the-loop for server trust in client public keys.
- Thierry Moreau
More information about the cryptography
mailing list