>>>>> "Shumon" == Shumon Huque <shuque@xxxxxxxxxxxxx> writes:
Shumon> And yes, I agree that a new properly designed version of
Shumon> HTTP Digest authentication might be one way to help. As
Shumon> well as the various zero knowledge protocols.
I believe that http digest plus channel bindings does meet all the
requirements that draft-hartman-webauth-phishing discusses for
authentication systems. Clearly the protocol cannot define the UI issues.
I'm not sure I prefer the approach of revising http digest, but I do
believe it would meet the requirements of my draft.
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf