once more, with feeling.

James A. Donald jamesd at echeque.com
Mon Sep 22 13:38:38 EDT 2008


Eric Rescorla wrote:
> This is precisely the issue.
> 
> There are any number of cryptographic techniques that would allow
> clients and servers to authenticate to each other in a phishing
> resistant fashion, but they all depend on ensuring that the
> *client* has access to the password and that the attacker can't
> convince the user to type their password into some dialog
> that the attacker controls. That's the challenging technical
> issue, but it's UI, not cryptographic.

Browser UI needs changing.  Login, and account creation, should take 
place on the trusted path, and in a special window, not easily faked - a 
non-rectangular window that partially overlaps the browser window, and 
which contains information specific to this computer's past interactions 
with this website.

We could also mandate that you can only log in by clicking on a smart 
bookmark, which knows that it is a bookmark to a login, but this would 
involve turning existing sites upside down, which would be a hard sell.


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
