The real problem that https has conspicuously failed to fix
James A. Donald
jamesd at echeque.com
Wed Jun 11 23:20:04 EDT 2003
--
On 10 Jun 2003 at 23:26, Anonymous wrote:
> In short, if Palladium comes with the ability to download
> site-specific DLLs that can act as NCAs, it should allow for
> solving the spoofed-site problem once and for all. When you
> login to paypal or e-gold, you would authenticate yourself
> using a cert that only those sites could see. This can be
> done in the framework of standard SSL, but would require a
> Palladium-aware browser.
Well, this would work just great provided the browser was made
palladium aware in such a way as to be useful to the user,
rather than to verisign.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
VBdyipPLv5JzjJ0eIFxxeMDsO30Us9Mvs7lmm2ka
4R5+YjVhKptjgGIVZsjTfX5nDogjTf2G8x7fRhKmN
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list