[cryptography] The Government and Trusted Third Party

James A. Donald jamesd at echeque.com
Sun Sep 18 23:39:10 EDT 2011


> On 19/09/11 6:53 AM, James A. Donald wrote:
>> These days, most retail transactions have a sign in.
>>
>> Sign ins are phisher food.
>>
>> SSL fails to protect sign ins.

On 2011-09-19 1:12 PM, Ian G wrote:
> Hence, frequent suggestions to uptick the usage of client certificates,
> SRP, and SSL itself.

Client certificates and SSL seem unlikely to protect sign in.

The chairman of the board cannot handle a client certificate.  He 
outsources that to someone in IT whose name he does not know.  Not very 
secure.




More information about the cryptography mailing list