At Tue, 11 Sep 2007 13:55:54 -0700 (PDT), David Morris wrote:
> Actually, a fundamental problem with the current protocol is that there
> was little attention paid to the requirements of UI design experts. The
> natural result is that application developers worked with what they had to
> produce an interface usable by their average user. Any critique of the
> protocol or new protocol in this space MUST consider interactive
> usage AND unattended program to program authentication.
>
> In the end 'phishing' is about UI and not protocols.

Quite so. There are a large number of protocol designs--even existing
protocols--which are compatible with the general paradigm of "user U proves
possession of password P to server A without giving A a credential which can
be used to impersonate U to server B". HTTP Digest, TLS-PSK, SRP, and PwdHash
all come to mind. The difficult parts are:

(1) putting a sensible UI on it--including one that isn't easily spoofed
    (see the extensive literature on how hard it is to build a secure UI).
(2) Getting everyone to agree on one protocol.

-Ekr

_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf
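Added example, not from the thread and not PwdHash's own code: a per-site derived password in the PwdHash paradigm Ekr lists, with a server-side check showing that what a lookalike site learns cannot be replayed at the real one. The domains, the master password and the use of HMAC-SHA256/hex in place of PwdHash's HMAC-MD5 and printable encoding are assumptions made here.

```python
# The browser never sends the master password P; server A only sees a value
# bound to A's domain, which is useless for logging in to server B.
import hashlib
import hmac
import os

def derive_site_password(master_password: str, domain: str) -> str:
    """What the browser submits to `domain` in place of the master password."""
    # P is the HMAC key, the domain is the message: a site that learns this
    # value can neither recover P nor compute the value for another domain.
    mac = hmac.new(master_password.encode(), domain.lower().encode(), hashlib.sha256)
    return mac.hexdigest()[:32]

def register(domain: str, site_password: str) -> dict:
    """Server-side enrollment: keep only a salted, stretched hash."""
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", site_password.encode(), salt, 100_000)
    return {"domain": domain, "salt": salt, "digest": digest}

def verify(record: dict, submitted: str) -> bool:
    """Server-side login check against the stored record."""
    digest = hashlib.pbkdf2_hmac("sha256", submitted.encode(), record["salt"], 100_000)
    return hmac.compare_digest(digest, record["digest"])

def phishing_replay_rejected(master_password: str, real_site: str, phish_site: str) -> bool:
    """Model the scenario the paradigm defends against.

    The user enrolls at real_site, is later lured to phish_site and types P
    into the browser there. phish_site learns the value derived for its own
    domain and replays it at real_site. Returns True when real_site rejects
    the replay while the genuine login still succeeds."""
    record = register(real_site, derive_site_password(master_password, real_site))
    genuine_ok = verify(record, derive_site_password(master_password, real_site))
    captured = derive_site_password(master_password, phish_site)
    replay_ok = verify(record, captured)
    return genuine_ok and not replay_ok

if __name__ == "__main__":
    # Constructed sample: a lookalike domain standing in for a phishing site.
    print(phishing_replay_rejected("correct horse battery staple",
                                   "bank.example", "bank-login.example"))
```

The guarantee holds only if the domain fed to the derivation comes from the browser rather than from page content, which is exactly the UI problem Ekr's point (1) refers to.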