[cryptography] The Government and Trusted Third Party

Ian G iang at iang.org
Sun Sep 18 23:12:53 EDT 2011


On 19/09/11 6:53 AM, James A. Donald wrote:
> On 2011-09-18 7:55 PM, M.R. wrote:
>> It follows then that we are not looking at replacing the SSL
>> system with something better, but at keeping the current
>> SSL - perhaps with some incremental improvements - for the
>> retail transactions,
>
> These days, most retail transactions have a sign in.
>
> Sign ins are phisher food.
>
> SSL fails to protect sign ins.


Hence, frequent suggestions to uptick the usage of client certificates, 
SRP, and SSL itself.



iang



More information about the cryptography mailing list