Re: Symptoms vs. Causes

To: Shumon Huque <shuque at isc.upenn.edu>
Subject: Re: Symptoms vs. Causes
From: Sam Hartman <hartmans-ietf at mit.edu>
Date: Tue, 11 Sep 2007 16:33:15 -0400
Cc: ietf at ietf.org, Bernard Aboba <aboba at internaut.com>
In-reply-to: <20070911193522.GA13226@isc.upenn.edu> (Shumon Huque's message of "Tue, 11 Sep 2007 15:35:22 -0400")
List-help: <mailto:ietf-request@ietf.org?subject=help>
List-id: IETF-Discussion <ietf.ietf.org>
List-post: <mailto:ietf@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
References: <Pine.LNX.4.64.0709101737190.26043@internaut.com> <20070911193522.GA13226@isc.upenn.edu>
User-agent: Gnus/5.110006 (No Gnus v0.6) Emacs/21.4 (gnu/linux)

>>>>> "Shumon" == Shumon Huque <shuque at isc.upenn.edu> writes:

    Shumon> And yes, I agree that a new properly designed version of
    Shumon> HTTP Digest authentication might be one way to help. As
    Shumon> well as the various zero knowledge protocols.

I believe that http digest plus channel bindings does meet all the
requirements that draft-hartman-webauth-phishing discusses for
authentication systems.  Clearly the protocol cannot define the UI issues.

I'm not sure I prefer the approach of revising http digest, but I do
believe it would meet the requirements of my draft.


_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

Follow-Ups:
- Re: Symptoms vs. Causes
  - From: David Morris

References:
- Re: Symptoms vs. Causes (was next step on web phishing draft)
  - From: Bernard Aboba
- Re: Symptoms vs. Causes (was next step on web phishing draft)
  - From: Shumon Huque

Prev by Date: Re: Next step on web phishing draft(draft-hartman-webauth-phishing-05.txt)
Next by Date: Re: Symptoms vs. Causes
Previous by thread: Re: Symptoms vs. Causes (was next step on web phishing draft)
Next by thread: Re: Symptoms vs. Causes
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: Symptoms vs. Causes

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.