W3C home > Mailing lists > Public > ietf-http-wg@w3.org > January to March 2011

Re: [apps-discuss] [saag] [websec] [kitten] HTTP authentication: the next generation

From: Zed A. Shaw <zedshaw@zedshaw.com>
Date: Sun, 9 Jan 2011 12:16:27 -0800
To: Ben Laurie <benl@google.com>
Cc: Blaine Cook <romeda@gmail.com>, Phillip Hallam-Baker <hallam@gmail.com>, "apps-discuss@ietf.org" <apps-discuss@ietf.org>, David Morris <dwm@xpasc.com>, websec <websec@ietf.org>, "kitten@ietf.org" <kitten@ietf.org>, "http-auth@ietf.org" <http-auth@ietf.org>, "saag@ietf.org" <saag@ietf.org>, "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-ID: <20110109201627.GC12542@zedshaw>
On Sun, Jan 09, 2011 at 07:21:34PM +0000, Ben Laurie wrote:
> Whilst I do not disagree with this claim, you are wrong. There are
> protocols which effectively prevent phishing - so long as password
> entry is done in an unspoofable UI.

Alright, to avoid any "violent agreement", can you point me at any
documentation you have on your proposed solution?

Zed A. Shaw
Received on Sunday, 9 January 2011 20:16:54 UTC

This archive was generated by hypermail 2.3.1 : Thursday, 1 October 2015 05:36:45 UTC