SSL certificate stuff (ie. PKI) is IMO dead. NSA killed it. Back to the roots: hashed pw over MITM-safe sessions (SRP, SPEKE etc, ie. PAKE).
cu Uenal _______________________________________________ Messaging mailing list [email protected] https://moderncrypto.org/mailman/listinfo/messaging
