incubator-heraldry-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "James A. Donald" <>
Subject Re: [OpenID] Announcing OpenID Authentication 2.0 - Implementor'sDraft 11
Date Mon, 22 Jan 2007 18:41:33 GMT
Hallam-Baker, Phillip
 > > > If you change the browser you might as well really
 > > > change the browser and use a strong authentication
 > > > mechanism based on PKI

Ben Laurie
 > > I'm sure you meant to say "based on asymmetric
 > > cryptography".

Hallam-Baker, Phillip
 > No, any time you have a trusted key you have an
 > infrastructure.

No you do not, nor is PKI useful in solving phishing.

PKI is a solution that has been tried and has failed.
It has become an obstacle, as commercial interests
actively block alternatives that do not involve a small
number of centralized authorities with a special
privilege that enables them to intrude between client
and server and charge the server.

View raw message