[cryptography] Client TLS Certificates - why not?

Martin Paljak martin at martinpaljak.net
Wed Mar 6 04:02:29 EST 2013


On Wed, Mar 6, 2013 at 10:40 AM, James A. Donald <jamesd at echeque.com> wrote:
> Can you implement your above design while hiding the keys in urls, rather
> than inflicting them on the suffering user?

There's a saying in Estonian, literally translated: "who wants to eat
sausages is better off not knowing how sausages are made".

Sausages look tasty, meaty and easy to consume. In reality such
products often contain 70% "garbage" instead of meat. Which also
means that even if some company wants to do a "real meat" sausage,
people who know what meat is and care about what they eat are still
suspicious. Those who don't care can easily be fed sausages that
contain "100% artificial taste, coloring, smell and filling materials"
(in small print) and "100% of needed daily vitamins and minerals" in
large print.

Eventually keys, hashes and similar parameters need to be exposed, if
the system is supposed to be used by people who are not sheep.

Martin


