I keep posting you cannot do this using https, and people keep =
replying yes you can
No you cannot, cause if you could, paypal, e-gold, e-bay, and the rest =
would not be suffering from the problem illustrated by scam mails such =
as the following
(When you hit the submit button, guess what
--
James A. Donald:
Certificate caching is not the problem that needs solving.
The problem is all this spam attempting to fool people into
logging in to fake BofA websites and fake e-gold websites,
to steal their passwords or credit card numbers
On 6 Jun 2003 at 15:04, Tim Dierks
.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
q1a1Whb1YeRws7qoDm6h15qfDstFHciUyP2I4fte
42lCFXf0IqXfh5Mz2mFtznxv6N40EuqpKvQJhLBgS
, not private keys, and the networks are setup to rely
on shared secrets because there is no practical alternative.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
r9lUivpSt7tWiPOxVr17a9sjkgXnnbC5matqsa6/
4UovWiFVbzH8bFEhVsekeydmrrDmez+5/B/3ZSo4B
--
James A. Donald
Or to say the same thing in different words -- why can't
HTTPS be more like SSH?Why are we seeing a snow storm
of scam mails trying to get us to login to e-g0ld.com?
Eric Rescorla
Because HTTPS is designed to let you talk to people you've
never talked before
be resuming soon,
a quite satisfactory outcome unless you happen to be seriously
injured during the fall of the regime.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
ex1HQoJ2kYJwSMyp5TBLhzTH+6qqwg6ezxbM7VYg
4q2ySdMlUgiPS7jiXdtDmfaD/3tRNLRf0h+f2/RaA