[26989] in cryptography@c2.net mail archive
Re: Status of SRP
daemon@ATHENA.MIT.EDU (Victor Duchovni)
Thu Jun 1 10:08:43 2006
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Tue, 30 May 2006 21:53:57 -0400
From: Victor Duchovni <Victor.Duchovni@MorganStanley.com>
To: cryptography@metzdowd.com
Mail-Followup-To: cryptography@metzdowd.com
In-Reply-To: <447CD845.7000906@echeque.com>
On Wed, May 31, 2006 at 09:41:57AM +1000, James A. Donald wrote:
> The obvious solution to the phishing crisis is the widespread deployment
> of SRP, but this does not seem to happening. SASL-SRP was recently
> dropped. What is the problem?
The obvious solution is perhaps more difficult to deploy in an environment
where loss of ubiquitous access trumps security gains. It takes years to
*field* new infrastructure. When the designer calls the problem solved,
the real work begins, or not, if the market is not yet ready for the
solution.
--
/"\ ASCII RIBBON NOTICE: If received in error,
\ / CAMPAIGN Victor Duchovni please destroy and notify
X AGAINST IT Security, sender. Sender does not waive
/ \ HTML MAIL Morgan Stanley confidentiality or privilege,
and use is prohibited.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
