[cryptography] Secure Remote Password (SRP) and Plaintext Emil Address

James A. Donald jamesd at echeque.com
Fri Oct 19 02:43:16 EDT 2012

On 2012-10-19 11:36 AM, Nico Williams wrote:
> But if you'd run SRP over TLS with TLS authenticating the server...
> then why bother with SRP or any ZKPP?

To protect against phishing, url redirection, state level enemies that 
can issue their own certificates, and so on and so forth.

More information about the cryptography mailing list