[Cryptography] Client certificates as a defense against MITM attacks

Thierry Moreau thierry.moreau at connotech.com
Mon Mar 17 08:43:59 EDT 2014

Previous message: [Cryptography] Client certificates as a defense against MITM attacks
Next message: [Cryptography] Client certificates as a defense against MITM attacks
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 03/16/14 13:56, Jerry Leichter wrote:
>
> Am I missing something obvious here?

Maybe you merely (re-)invented the HTML cookie holding the client 
private key.

More or less explicitly, the "first party certification paradigm" seems 
attractive to you: no CA-in-the-loop for server trust in client public keys.

- Thierry Moreau

Previous message: [Cryptography] Client certificates as a defense against MITM attacks
Next message: [Cryptography] Client certificates as a defense against MITM attacks
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the cryptography mailing list