W3C home > Mailing lists > Public > public-webappsec@w3.org > August 2014

Re: Secure Origins and Strong Authentication

From: Chris Palmer <palmer@google.com>
Date: Thu, 21 Aug 2014 12:31:54 -0700
Message-ID: <CAOuvq21gebX+RZnUgsrLTso2cH3Jy=pJwWFjtMKFt9BggghWpw@mail.gmail.com>
To: noloader@gmail.com
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
On Wed, Aug 20, 2014 at 5:41 AM, Jeffrey Walton <noloader@gmail.com> wrote:

> I'm curious about what makes the authentications strong.

Obviously, the web PKI has its weaknesses, but we have to proceed in
stages. For the time being, we just have to get people using any
authentication at all.

We can imagine a scale, something like this:

anonymous ... plain web PKI ... pre-shared keys/pinned keys ... very
tightly-scoped key-pinning
Received on Thursday, 21 August 2014 19:32:20 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:06 UTC