Karl Malbrain <[email protected]> writes: > I've uploaded a draft on tls strong authentication deployment: > > http://datatracker.ietf.org/doc/draft-malbrain-tls-strong-authentication > Any comments would be appreciated.
I believe that anything based on DNS is the wrong way forward if your problem statement involve well funded adversaries. I think DNS-based distribution of keying material is a good way to simplify and bootstrap opportunistic encrypted channels, however, it would not provide strong authentication in the way that I would like to define it. /Simon _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
