On 2011-09-25 4:30 AM, Ben Laurie wrote:
I'm just saying I think its hard to detect when a password is being asked for as part of the risk assessment.
http and https do not know there are such things as logons. Logons need to be built into the protocol, rather than added on top. Your browser should know you are logged on.
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
