Announcing httpsy://, a YURL scheme
Ed Gerck
egerck at nma.com
Wed Jul 16 16:55:14 EDT 2003
Tyler Close wrote:
> On Wednesday 16 July 2003 13:58, Ed Gerck wrote:
> > BTW, IMO this thread has suffered the constant, excessive use of sweeping
> > statements and arguments. The way I see it, until the statement that
> > "Authentication of the target site MUST ONLY rely on information contained
> > in the YURL" is revisited, there is nothing much to discuss since there is
> > already a single point of failure that is fatally built into the system.
>
> In the authentication primer at:
>
> http://www.waterken.com/dev/YURL/Primer/
>
> there is a statement:
>
> "Authentication verifies the site you were actually introduced to,
> not the site you thought you were introduced to."
>
> Ed, do you agree or disagree with the quoted statement?
Authentication that reads thoughts .... sites that you are "actually"
introduced to (MITM, anyone?) ...
I believe you would want to edit that content before I comment it,
as well as the one I am quoted above.
Cheers,
Ed Gerck
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list