----- Original Message -----
From: "James A. Donald" <[EMAIL PROTECTED]>
Subject: Status of SRP
The obvious solution to the phishing crisis is the widespread deployment
of SRP, but this does not seem to happening. SASL-SRP was recently
dropped. What is the problem?
The problem is that you're attempting to treat the wrong aspect. Yes SRP
verifies the server, but requiring even more work on the part of the client
will not solve the problem. Attempting to use SRP to solve this problem is
basically saying "You must be this smart to be worth protecting."
Joe
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
