Announcing Droplets

Ben Laurie
Thu, 30 Sep 1999 13:08:20 +0100

"Mark S. Miller" wrote:
> Another possible problem droplets may have, depending on how the https handshake works.  Let's say the authentication of is fine, for some some adequate meaning of fine, when you dereference
> The question: Might the handshake reveal the full URL to an outside observer, or to an alleged fudco that fails to authenticate?  If so, then in your scheme a thief can steal the swiss number.

No HTTP data is exchanged until the certificate has been authenticated.




"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
     - Indira Gandhi