W3C home > Mailing lists > Public > public-html-comments@w3.org > August 2012

Re: Securing Password Inputs

From: Cameron Jones <cmhjones@gmail.com>
Date: Fri, 31 Aug 2012 21:52:36 +0100
Message-ID: <CALGrgetqRmen92v2YVdiv+uaEgxR=_MtfUzknnKdU3yArZwPvg@mail.gmail.com>
To: Jason H <scorp1us@yahoo.com>
Cc: Seth Call <sethcall@gmail.com>, "Thomas A. Fine" <fine@head.cfa.harvard.edu>, "public-html-comments@w3.org" <public-html-comments@w3.org> 
On Fri, Aug 31, 2012 at 8:51 PM, Jason H <scorp1us@yahoo.com> wrote:
> ...
[snip]

Jason, you're very good at ignoring points and steamrolling ahead. You
missed this point which effectively illustrates that what you want to
achieve impossible:

On Fri, Aug 31, 2012 at 6:13 PM, Cameron Jones <cmhjones@gmail.com> wrote:
>
> The "upgrade path" you suggest is based on having original and
> client-hashed passwords on file, so where is the benefit?
>

Thanks,
Cameron Jones
Received on Friday, 31 August 2012 20:53:03 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 31 August 2012 20:53:04 GMT