On 09/12/2013 08:37 PM, karl m wrote:
> Leif,
>
> I don't own the technical ability to spell out specific changes to the
> TLS strong authentication protocol needed to implement the proposed
> changes. I've only been exposed to this as a client to a strong
> authentication server.
>
> I had hoped to open a general discussion on the topic of strong
> authentication for every connection to every server as a means to
> preclude MITM. Do you have any input on that?
>
Only that the devil is in the details. I think most on this list
recognize that "encryption
is a problem of turning a hard problem into a hard key management
problem" and
that your proposal leaves several problems to the imagination of the
reader, including
how to build a multi-master globally scalable directory of keys and GUIDS.
I think that while you try to spell out some of those things, the list
can do other things
so I re-iterate Stephens point: go write a draft please.
Cheers Leif
_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
