On 2012-10-19 11:36 AM, Nico Williams wrote:
But if you'd run SRP over TLS with TLS authenticating the server... then why bother with SRP or any ZKPP?
To protect against phishing, url redirection, state level enemies that can issue their own certificates, and so on and so forth.
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
