At Wed, 12 Sep 2007 11:27:07 -0400,
Keith Moore wrote:
> And I think looking at protocols without an understanding of how they
> are used and how they interact with the UI is just as wrong as
> attempting to fix the problem simply within the UI. You wrote that some
> mechanisms could be made to work. You might be right, but I'm not
> convinced. Someone actually has to write out how these mechanisms, such
> as challenge/response ARE made to work with a web browser and a
> transactional protocol, such that they also actually solve Eliot's Dad's
> problem (EDP ;-) of the user not shooting themselves in the foot by
> transmitting the same credential to multiple disparate relying parties
> (or authenticating services, if you will).
None of the systems I mentioned (TLS-PSK, SRP, PwdHash) has this
problem--provided that the user actually uses the new authentication
method and doesn't type his password into some Web form. But of
course that's a UI problem, not a protocol problem.
> and IMHO, any solution that doesn't let the user type his password into
> some Web form is a non-starter, both for reasons of backward
> compatibility and because sites (quite legitimately) want to provide a
> visually attractive interface to users which is consistent across all
> platforms (for support reasons).
This may well be true.
However, I'm not aware of any technique which both meets this constraint
and is phishing resistant.
-Ekr
_______________________________________________
Ietf mailing list
ietf@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
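To make concrete why the per-site mechanisms Ekr names avoid the credential-reuse problem Keith calls EDP, here is an added example that is not from this thread or from the PwdHash project: a PwdHash-style derivation that binds the credential a site receives to that site's domain. It uses HMAC-SHA256 over a simplified registrable domain rather than PwdHash's actual construction, and the master password and domain names are constructed sample values.

```python
import base64
import hashlib
import hmac
from urllib.parse import urlparse


def registrable_domain(url: str) -> str:
    """Reduce a URL to the domain the derived credential is bound to.

    Simplification for this example: keep the last two hostname labels.
    A real implementation would consult the public suffix list.
    """
    host = urlparse(url).hostname or ""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def site_password(master_password: str, url: str) -> str:
    """PwdHash-style derivation (not the real PwdHash algorithm).

    The relying party only ever sees HMAC(master, domain); the master
    password itself is never transmitted, so a lookalike domain or a
    breached site learns nothing usable at any other relying party.
    """
    domain = registrable_domain(url)
    tag = hmac.new(master_password.encode(), domain.encode(), hashlib.sha256).digest()
    # 16 bytes encoded without padding gives a 22-character site password
    return base64.urlsafe_b64encode(tag[:16]).decode().rstrip("=")


def credentials_distinct(master_password: str, urls: list) -> bool:
    """True if every URL in the list receives a different derived credential."""
    derived = {site_password(master_password, u) for u in urls}
    return len(derived) == len(urls)


if __name__ == "__main__":
    # Constructed sample: one master password typed at three different sites
    master = "correct horse battery staple"
    sites = [
        "https://login.bank.example/auth",        # legitimate bank
        "https://mail.example.net/login",         # unrelated webmail
        "https://login.bank-example.example/auth",  # lookalike domain
    ]
    for url in sites:
        print(f"{registrable_domain(url):28s} -> {site_password(master, url)}")
    print("all distinct:", credentials_distinct(master, sites))
```

The same master password yields the same site password for every page of the legitimate domain (so login still works from any path), but a different value for every other relying party, including the lookalike; this only holds if the user actually enters the password through the mechanism rather than into a plain Web form, which is the UI caveat Ekr raises.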