>>> None of the systems I mentioned (TLS-PSK, SRP, PwdHash) has this
>>> problem--provided that the user actually uses the new authentication
>>> method and doesn't type his password into some Web form. But of
>>> course that's a UI problem, not a protocol problem.
>>>
>> and IMHO, any solution that doesn't let the user type his password into
>> some Web form is a non-starter, both for reasons of backward
>> compatibility and because sites (quite legitimately) want to provide a
>> visually attractive interface to users which is consistent across all
>> platforms (for support reasons).
>>
> This may well be true.
>
> However, I'm not aware of any technique which both meets this constraint
> and is phishing resistant.
>
Nor I. But the first step in solving an unsolvable problem is realizing what you're up against.

_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf