
Re: Symptoms vs. Causes

2007-09-11 16:55:11
At Tue, 11 Sep 2007 13:55:54 -0700 (PDT),
David Morris wrote:
Actually, a fundamental problem with the current protocol is that there
was little attention paid to the requirements of UI design experts. The
natural result is that application developers worked with what they had to
produce an interface usable by their average user. Any critique of the
protocol or new protocol in this space MUST consider interactive
usage AND unattended program to program authentication.

In the end 'phishing' is about UI and not protocols.

Quite so.

There are a large number of protocol designs--even existing
protocols--which are compatible with the general paradigm of "user U
proves possession of password P to server A without giving A a
credential which can be used to impersonate U to server B". 
HTTP Digest, TLS-PSK, SRP, and PwdHash all come to mind. The
difficult parts are:

(1) Putting a sensible UI on it--including one that isn't easily
    spoofed (see the extensive literature on how hard it is
    to build a secure UI).
(2) Getting everyone to agree on one protocol.

-Ekr
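The paradigm in the reply above (user U proves possession of P to server A without handing A something that works at server B), as an added Python example that is not part of the thread: it shows two of the named protocols, the RFC 2617 HTTP Digest computation and a PwdHash-style per-site derivation, on constructed sample values. The function names, the realm, nonces, domains and password are assumptions made for the illustration.

```python
import hashlib
import hmac


def md5_hex(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()


def digest_response(user, password, realm, nonce, method, uri):
    """Client side of RFC 2617 Digest (qop omitted for brevity). HA1 binds
    the password to the realm; the nonce binds the answer to one challenge."""
    ha1 = md5_hex(f"{user}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{ha2}")


def digest_verify(stored_ha1, nonce, method, uri, response):
    """Server side: the server stores HA1 rather than the password and checks
    the client's answer against the nonce it issued itself."""
    ha2 = md5_hex(f"{method}:{uri}")
    expected = md5_hex(f"{stored_ha1}:{nonce}:{ha2}")
    return hmac.compare_digest(expected, response)


def site_password(master_password, domain):
    """PwdHash-style derivation: each site only ever sees a per-domain value,
    so a lookalike domain receives a different one."""
    mac = hmac.new(master_password.encode(), domain.encode(), hashlib.sha256)
    return mac.hexdigest()[:16]


def demo():
    # Constructed sample values: user at legitimate server A; B is a
    # lookalike site that copies A's realm but must pick its own nonce.
    user, pw, realm = "alice", "correct horse battery", "bank.example"
    nonce_a, nonce_b = "a1b2c3d4", "e5f6a7b8"
    ha1 = md5_hex(f"{user}:{realm}:{pw}")  # what A keeps on file
    resp_to_a = digest_response(user, pw, realm, nonce_a, "GET", "/account")
    resp_to_b = digest_response(user, pw, realm, nonce_b, "GET", "/account")
    return {
        # A accepts the answer to its own challenge ...
        "a_accepts_own": digest_verify(ha1, nonce_a, "GET", "/account", resp_to_a),
        # ... but the answer the user gave B does not authenticate at A,
        # since A's nonce differs. (B can still try an offline dictionary
        # attack on resp_to_b, which is why a strong password matters.)
        "b_capture_works_at_a": digest_verify(ha1, nonce_a, "GET", "/account", resp_to_b),
        # PwdHash: the value typed at bank.example is useless at a lookalike.
        "pwdhash_differs": site_password(pw, "bank.example")
        != site_password(pw, "bank-example.net"),
    }
```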