[148001] in cryptography@c2.net mail archive
Re: [Cryptography] HTTP should be deprecated.
daemon@ATHENA.MIT.EDU (Guido Witmond)
Mon Nov 4 17:34:34 2013
X-Original-To: cryptography@metzdowd.com
Date: Mon, 04 Nov 2013 21:17:38 +0100
From: Guido Witmond <guido@witmond.nl>
To: cryptography@metzdowd.com
In-Reply-To: <B5928B38-5B89-4351-A62E-6DC1A35D3A9D@gmail.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============0255032664136396003==
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="----enig2WOGCXJBCPWUFMSSGBTKW"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
------enig2WOGCXJBCPWUFMSSGBTKW
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
On 11/04/13 18:44, John Kelsey wrote:
> On Nov 4, 2013, at 10:50 AM, Greg <greg@kinostudios.com> wrote:
>=20
>> Could someone please forward this message to the Elders of the
>> Internet=E2=84=A2?
>>=20
>> It's time to make encryption mandatory in all communication
>> protocols.
>=20
> Amen! [...]
>=20
> The sticking point here is key management, which is a big potential
> administrative pain in the ass. But it's worth wondering if we
> could at least get widespread use of Diffie-Hellman + GCM as a
> default. There is no key management there, and no defense against
> MIM attacks, but at least everything doesn't go out in the clear.
Key management should be automated to the point that the *end user*
doesn't see it anymore.
<plug>I've got the ideas how to do it in a very backwards compatible way
on the current internet. It requires a user agent at the client and some
server side software to generate certificates.
See http://eccentric-authentication.org</plug>
Now If I got some funding to make it a Firefox plug-in, it would also be
easy to install.
Regards, Guido.
------enig2WOGCXJBCPWUFMSSGBTKW
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/
iQIcBAEBAgAGBQJSeADiAAoJEHPd8GglaNRmNLEQAJ6r44iVBrPUgBvOL+mKLPRF
+m/LKtWEr+b1dnHlUdmN8s5cKNO7z0YsDOM2i3GudSTM6tRQqhQ39Y2EolMZxlmH
JJPDYcExrfwY5CSFriiufirptCbL/dQ66YOYYD2o3Z37J3mcyS4GpkoqS9Qx0GyJ
euJSnN4sCtfK1joWLq1R+AlymjXZt+5A8qP5eiuWXaRnkauQqdkb4ddDeTT1/gTb
eAcsPgVmWJQHVMJ+dEXa6ctRcBznJ2Ns0d61LA6AJqq5FaD+EPIOxNHPA/vZHqvA
IrZcd2bhk6XuXdB2MyGBFGIq32budXXhpShr2zlekZKApc6Cf2sr8go9wYH2Qqgw
gFdIISI93lw6+OtdI1pDIZyj0YBw3baEbwEBUydLs6jIFIiKMqPzFb0Fpf84VS1v
cUCpb2rIWs7VALWWg7i8ESkdzUjP/5lTY6WeXZQU3pTOsFBht+Wn8joHKQ90UsUf
d878KY/VS07KDR/+hiWHNHTwzk7BI/+lhpSJXO0KmYuQZQB1erkmZFvpHdtIuoel
3Iqd4MY1JUPdrVJG3qVgIIb6eTZ5hLa9beWffl7izR84XgcGmeqJX4j5nDZsy9X2
Rnc0KNb+IHo0ZX3DpjYjR+Ak6MSBQo2cmYmjaxoeKStECYdtH3lXHDX8ij7iJdse
sMMxT9hScol+NoI/vVj2
=V4RE
-----END PGP SIGNATURE-----
------enig2WOGCXJBCPWUFMSSGBTKW--
--===============0255032664136396003==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============0255032664136396003==--
