On 19/09/11 6:53 AM, James A. Donald wrote:
On 2011-09-18 7:55 PM, M.R. wrote:
It follows then that we are not looking at replacing the SSL
system with something better, but at keeping the current
SSL - perhaps with some incremental improvements - for the
retail transactions,
These days, most retail transactions have a sign in.
Sign ins are phisher food.
SSL fails to protect sign ins.
Hence, frequent suggestions to uptick the usage of client certificates,
SRP, and SSL itself.
iang
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
