[cryptography] Allergy for client certificates

Michael Rogers michael at briarproject.org
Thu Oct 10 14:12:22 EDT 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/10/13 09:29, Guido Witmond wrote:
>> It looks like you've worked around the UX issues by inserting an 
>> EC-aware proxy between the client and server. Who would be
>> responsible for deploying such proxies?
> 
> That proxy lives in the end user's computers. Right now, the user
> needs to install the proxy. I hope to get time and funding to make
> it a Firefox plug in. I hope that when it proofs useful browsers
> will adopt it.

I hope you manage to persuade browsers to support it, because it seems
like it will be difficult to get sites to adopt EA until their users
can reliably expect it to be supported on every machine they use.

(Sorry for referring to EA as EC in my last email!)

My family and friends outside the tech community are quite casual
about logging into their accounts from friends' machines, work
machines, internet cafes, etc. It's all very well for us to say that's
a bad idea, but we can't deny it's convenient to be able to log in
from anywhere with nothing but a password.

I can definitely see the benefits of EA for users who have a few
personal devices that are synced and not shared with other users, and
who value the security of using their own devices more than the
convenience of being able to log in from anywhere. That describes me,
but it doesn't describe most of the people I know.

Perhaps you could think of a killer app for EA that appeals to people
whose habits match the way EA works?

Cheers,
Michael

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQEcBAEBAgAGBQJSVu4GAAoJEBEET9GfxSfM/cgH/0fGNb+hIWcv/lgk9fZNbcTv
7f3M3GYhowM8IDO3CkOYCU7E0M0hAuhG9jYTAVPGFrEBYc3i9PgNAV+bfv+20qlT
50VlaGFgePWAzZ1lI4334KSNloNiLwxqC3aR1gUhzJGpxnwl4yOOj0/4MGqF64xo
j3OocXPHB10j8qTL4l+J2GEK5OCvFv71wHWXoKeG19aq+GNlSaEBmemhIS5yC9X+
TjEviZZu/b5c4sPf3eHmtivJKUOOJ9Tcj1xZgpj1f6ZTk0Dt74T2KiyBkmmlPdr5
xiX6DtJm5z77WX2vMGulQa57pnDyEhWq4l3fmHPSLMUmT4nFIeDNK3EJi3j/pS0=
=hm9t
-----END PGP SIGNATURE-----


More information about the cryptography mailing list