[Cryptography] Client certificates as a defense against MITM attacks
Guido Witmond
guido at witmond.nl
Wed Mar 19 09:16:55 EDT 2014
On 03/19/14 12:15, Peter Gutmann wrote:
> Guido Witmond <guido at witmond.nl> writes:
>
>> What if a user agent could do all that crypto-nerd stuff so the only actions
>> for the gays would be:
>>
>> - Sign up;
>> - Post message;
>> - Reply message;
>> - Send a few more if the original date and place are not suitable;
>> - Delete usb-stick;
>> - meet up.
>>
>> All those [Pages of text] that you took out are for fellow crypto-nerds to
>> shoot holes in it.
>
> In that case it would be good to see the mapping from technical detail to UI
> aspects, this is one of those things that historically has proven more or less
> impossible to make very usable, so it'd be interesting to see how the UI
> aspects are translated to the underlying technicalogy.
>
> Peter.
>
I've got a write-up about that on my plain old - non encrypted - blog site:
http://eccentric-authentication.org/blog/2013/06/12/walkthrough-datingsite.html
That page describes how the simplified user interfaces works from the
end-user perspective, ie, creating an account, logging in and out,
selecting among multiple accounts. It goes into private messages between
clients (although with the site as delivery vehicle).
We can separate identity from transport, Ie, we use the accounts at this
dating site to authenticate a ZRTP stream between two people directly.
How that works, I describe at:
http://eccentric-authentication.org/blog/2013/09/05/a-subversive-idea.html
Please let me know if things are still hazy.
Regards, Guido Witmond.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140319/cb4a4194/attachment.pgp>
More information about the cryptography
mailing list