I keep posting "you cannot do this using https", and people keep =
replying "yes you can"
No you cannot, cause if you could, paypal, e-gold, e-bay, and the rest =
would not be suffering from the problem illustrated by scam mails such =
as the following
(When you hit the submit button, guess what
ame user as
last time.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
q1a1Whb1YeRws7qoDm6h15qfDstFHciUyP2I4fte
42lCFXf0IqXfh5Mz2mFtznxv6N40EuqpKvQJhLBgS
e been key administrator for several
companies, and have unfailingly found that I was the only
person capable of doing these operations at that company.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
v6gZFuZoUgyGH55ME+JoilJSfw5LrufrbWWB454U
4FhiB65yyXwp1RgeJrLADfEYBoqz0YAch8fJ0Fisp
--
James A. Donald:
> > Certificate caching is not the problem that needs solving.
> > The problem is all this spam attempting to fool people into
> > logging in to fake BofA websites and fake e-gold websites,
> > to steal their passwords or credit card numbers
On
--
James A. Donald
> > Or to say the same thing in different words -- why can't
> > HTTPS be more like SSH?Why are we seeing a snow storm
> > of scam mails trying to get us to login to e-g0ld.com?
Eric Rescorla
> Because HTTPS is designed to let you talk to peo
private keys, and the networks are setup to rely
on shared secrets because there is no practical alternative.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
r9lUivpSt7tWiPOxVr17a9sjkgXnnbC5matqsa6/
4UovWiFVbzH8bFEhVsekeydmrrDmez+5/B/3ZSo4B
;s schemes, perhaps other
people's similar schemes.
The fact that e-gold does not know what is going on suggests
that past attempts to support micropayments failed by putting
too great a burden on those seeking to participate.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwv
--
James A. Donald
> > > > Or to say the same thing in different words -- why
> > > > can't HTTPS be more like SSH?Why are we seeing a
> > > > snow storm of scam mails trying to get us to login to
> > > > e-g0ld.com?
Eric Rescor
--
On 3 Jun 2003 at 15:04, James A. Donald wrote:
> I never figured out how to use a certificate to authenticate
> a client to a web server, how to make a web form available to
> one client and not another. Where do I start?
>
> What I and everyone else does is use a s
army wipes
out all police everywhere in a nation of welfare bums. That
was not the plan, that was an extremely violent reaction to a
close brush with disaster.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
da5or2d54+B0YDDe+XcGf9u1Q6Ci33/LFTfqvsPL
4f3E7kWr1ciIuU7/AuIEAxqt3sNcy9/5WE+dIOkBV
s will cease
to exist, but small private practices should be resuming soon,
a quite satisfactory outcome unless you happen to be seriously
injured during the fall of the regime.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
ex1HQoJ2kYJwSMyp5TBLhzTH+6qqw
ese things with lawsuits.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
Lc/zfuFetUbub2/wHcv0ZE511Jiw8hM3TcX57mTw
44D97DUCfLM+KrrFiIWdcFN8qmy+uzJn0coyJnfbz
-
We have the right to defend ourselv
le that this could be changed, that I was being absurdly
naive in thinking that merely because the existing provisions in the
standard were unusable that there was some prospect for changing them.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVp
13 matches
Mail list logo
