[Cryptography] SRP for mutual authentication - as an alternative / addition to certificates?

Ben Laurie ben at links.org
Wed Aug 12 00:56:26 EDT 2015


On Wed, 12 Aug 2015 at 02:24 Tony Arcieri <bascule at gmail.com> wrote:

> On Wed, Aug 5, 2015 at 11:51 AM, Ben Laurie <ben at links.org> wrote:
>
>> I use one of those, but it doesn't really help with my other devices.
>>
>
> U2F is just a protocol. Your "other devices" could also act as U2F tokens
> themselves (e.g. your SmartWatch could act as a U2F token for your
> SmartPhone).
>

I don't wear a watch.


> Or (potentially) something like a Yubikey could provide U2F over Bluetooth
> or NFC.
>

I'm not sure potential logins are much use to me. :-)


>
>
>> And I'm screwed if I lose it (well, I'm not, because I'll be given
>> another, but if I were a member of the public I would be).
>>
>
> Buy two and keep another as a backup, then revoke the first when you lose
> it.
>

So, if I'm on holiday, I do without access for the remaining 2 weeks?


> But losing credentials is a general problem with any authentication system.
>

True, but that doesn't give you a licence to ignore it.