[Cryptography] SRP for mutual authentication - as an alternative / addition to certificates?
Ben Laurie
ben at links.org
Tue Aug 4 21:57:30 EDT 2015
On Tue, 4 Aug 2015 at 18:09 Carlo Contavalli <ccontavalli at gmail.com> wrote:
> On Mon, Aug 3, 2015 at 8:19 PM, Tony Arcieri <bascule at gmail.com> wrote:
> > On Sun, Aug 2, 2015 at 9:54 AM, Carlo Contavalli <ccontavalli at gmail.com>
> > wrote:
> >>
> >> Are there / why are not similar technologies used for web?
> >
> > Two words: user experience
> >
>
> It's 2015 - I'm sure we could figure something out?
>
> Without thinking much...
Right, because why bother to think about one of the longest standing
security problems we have on the 'net? Obviously you should be able to fix
that in your sleep.
How about you don't think about this much: how do you prevent phishing in
your scheme?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150805/12ca4c74/attachment.html>
More information about the cryptography
mailing list