[cap-talk] Webkeys vs. the web

Chip Morningstar chip at fudco.com
Wed Mar 25 04:44:23 EDT 2009


David Wagner <daw at cs.berkeley.edu> wrote:

>> Seems to me we cannot fix this crisis without client
>> side tools that alter client side cryptographic
>> behavior, for example, client side tools that do
>> password-authenticated key agreement, and manage web
>> keys in ways that reflect the fact that they are web
>> keys, not regular bookmarks.
>
>OK.  My point is that I don't think we can expect individual web sites
>to demand their users to deploy such tools; that's a non-starter and
>fails to recognize the incentives and concerns facing web site operators.

I think David has succeeded in articulating the point which I have so
far seemed unable to get across here.


More information about the cap-talk mailing list