- From: Nico Williams <nico@cryptonector.com>
- Date: Wed, 15 Jun 2011 10:11:28 -0500
- To: Anders Rundgren <anders.rundgren@telia.com>
- Cc: Yutaka OIWA <y.oiwa@aist.go.jp>, "KIHARA, Boku" <bkihara.l@gmail.com>, public-identity@w3.org
On Wed, Jun 15, 2011 at 10:08 AM, Anders Rundgren <anders.rundgren@telia.com> wrote: > Another alternative is using authentication methods where you only > (optionally) use local PINs which if snooped by an imitating UI > doesn't get the attacker very far, at least not on an Internet scale. Once you've got a credential manager integrated then this will typically be the case. > PKI is still the champ. I don't think PKI has an advantage here, except for smartcard support the crypto primitives (public key operations) needed for PKI. Nico --
Received on Wednesday, 15 June 2011 15:14:20 UTC