[cryptography] phishing/password end-game (Re: Why anon-DH ...)
thierry.moreau at connotech.com
Thu Jan 17 18:43:04 EST 2013
James A. Donald wrote:
> On 2013-01-18 1:17 AM, Thierry Moreau wrote:
>> First, replace "client certificate" by client PPKP (public-private
>> key pair) and be ready for a significant training exercise. The
>> more the trainee knows about X.509, the greater challenge for the
> It has been decisively and repeatedly demonstrated that X.509 leads to a
> completely unusable client side interface.
This is a fact. That should be irrelevant ...
> I assume that was your point.
The point above is about training users to handle a public-private key
pair without reference to X.509 stuff (except as a required file
format). Maybe you already know too much about X.509. Ignoring all of it
may be difficult.
- Thierry Moreau
CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, QC, Canada H2M 2A1