> > the browser > > vendors have > > chosen to prevent them from employing any other option (I can't, for > > example, turn on TLS-PSK or TLS-SRP in my server, because no browsers > > support it - it would make the CAs look bad if it were deployed).
> Patches welcome? (Or did we reject them already? :-)
On 2011-09-06 9:35 AM, Ian G wrote:
Patches aren't welcome.
The only solution is a fork, and the only way we can get something this huge forked is if someone with serious money wants a secure browser.
The banks are allergic to innovation. One of the people issuing new kinds of netbased money might be up for it, but only after they have succeeded enough that your spam filter is full of efforts to phish them.
At which point yurls and SRP might look attractive to them. Check your spam filter for potential customers.
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
