----- Original Message ----- From: "James A. Donald" <[EMAIL PROTECTED]>
Subject: Status of SRP

The obvious solution to the phishing crisis is the widespread deployment of SRP, but this does not seem to happening. SASL-SRP was recently dropped. What is the problem?

The problem is that you're attempting to treat the wrong aspect. Yes SRP verifies the server, but requiring even more work on the part of the client will not solve the problem. Attempting to use SRP to solve this problem is basically saying "You must be this smart to be worth protecting." Joe

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to