Your points on the security of well-built passphrase systems are excellent. From an architectural standpoint, I thought the issue instead was: What the !#$%@ are application-level authentication concepts doing in a transport-level confidentiality protocol? TLS is attacking a very appropriate solution for user-installable confidential streams -- but they are streams, no more or less. I think it's no more reasonable to run an application authentication and authorization protocol than to sign a "document" within a stream abstraction. Pass-phrase driven key-establishment *may* be an appropriate whistle for TLS/SSL3 to address, but the service of exchanging passphrases securely might well be out of scope. Rohit Khare (my opinions, not W3C's)Received on Saturday, 20 July 1996 17:42:46 UTC
This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:17:11 UTC