HTTPS mutual authentication alpha release - please test
Nick Owen
nowen at wikidsystems.com
Mon Nov 7 13:47:22 EST 2005
James A. Donald wrote:
> --
> It seems to me that mutual authentication is pretty much
> irrelevant to HTTPS and certificates. You mutually
> authenticate by both knowing the password, as in SPEKE.
>
> Of course, SPEKE is patented, so is this scheme a way of
> getting around the patents?
We're not that smart - well, perhaps I should speak only for myself. We
originally developed WiKID to target corporate VPNs with the WiKID
client running on a wireless device (the Wi in WiKID) with no thought of
mutual authentication because phishing was only getting under way. Only
after we added the client support for Windows, Mac & linux and phishers
started getting really active did we think about adding MA.
>
> --digsig
> James A. Donald
> 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
> a5RzA9UesxiZw+cjRsz+8yPLKwJdTMfUjcQq0iZf
> 4ybo9wAzZZNG5YyF69jzKw/oXw3fL7FGj86oXey46
>
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
>
--
Nick Owen
WiKID Systems, Inc.
404.962.8983 (desk)
404.542.9453 (cell)
http://www.wikidsystems.com
At last, two-factor authentication, without the hassle factor
Now open source: http://sourceforge.net/projects/wikid-twofactor/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list