[cryptography] Security Pop-Up of the Day

Chris Palmer snackypants at gmail.com
Wed Sep 21 18:09:08 EDT 2011


On Wed, Sep 21, 2011 at 2:27 PM, Joe St Sauver <joe at oregon.uoregon.edu> wrote:

> Well, its obviously not quite that easy yet, but users can currently get
> a free client cert by visiting a web page and filling out a form, and

IanG's point was that there should be no web page, no form. You know
how sshd generates a host key when there isn't one yet? Like that.


-- 
"These days, though, you have to be pretty technical before you can
even aspire to crudeness." — William Gibson



More information about the cryptography mailing list