Okay that was *clearly* a troll. On Tue, Feb 26, 2019 at 10:58 PM Keith Medcalf <[email protected]> wrote:
> > I did write my own TOTP client. However, why do you assume that I am > talking about a TOTP client and not the referred webpage which requires the > unfettered execution of third-party (likely malicious) javascript in order > to view? Not to mention requiring the use of (also quite possibly > malicious) downloaded fonts? > > --- > The fact that there's a Highway to Hell but only a Stairway to Heaven says > a lot about anticipated traffic volume. > > > >-----Original Message----- > >From: NANOG [mailto:[email protected]] On > >Behalf Of Seth Mattinen > >Sent: Tuesday, 26 February, 2019 09:36 > >To: [email protected] > >Subject: Re: 2FA, was A Deep Dive on the Recent Widespread DNS > >Hijacking > > > >On 2/25/19 9:59 PM, Keith Medcalf wrote: > >> Are you offering an indemnity in case that code is malicious? What > >are the terms and the amount of the indemnity? > > > > > >Anyone who is that paranoid should read the RFC and write their own > >TOTP > >client that lets them indemnify themselves from their own code. > > > >
