[cryptography] Why anon-DH is less damaging than current browser PKI (a rant in five paragraphs)

James A. Donald jamesd at echeque.com
Sun Jan 6 19:35:00 EST 2013

On 2013-01-07 9:20 AM, Peter Gutmann wrote:
> I'll update it as soon as browser PKI starts working (meaning that we have
> real evidence that it's effectively preventing the sorts of things attackers
> are doing, phishing and so on).  Deal?
The fundamental cause of phishing is that it is so easy to present a 
false email identity.

A phisher is typically representing himself as an entity with which you 
have a login relationship.

To protect against login phishing, we need to both provide 
password-authenticated key agreement 
<http://en.wikipedia.org/wiki/Password-authenticated_key_agreement>, and 
also provide some method whereby entities that have a login relationship 
with you can communicate, and get automatically protected from spam 
filtering and flagged as coming from an entity where you have a login 
relationship - for example, whenever you logged in, your email client 
would get information associating a public key with that login 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20130107/3857258e/attachment.html>

More information about the cryptography mailing list