[13843] in cryptography@c2.net mail archive
Re: Announcing httpsy://, a YURL scheme
daemon@ATHENA.MIT.EDU (Tyler Close)
Mon Jul 14 21:09:44 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: Tyler Close <tyler@waterken.com>
To: cryptography@metzdowd.com
Date: Mon, 14 Jul 2003 20:33:16 -0400
In-Reply-To: <3F13327C.EB7A714@safevote.com>
Please read the provided documentation.
On Monday 14 July 2003 18:45, Ed Gerck wrote:
> I did not see the issues of spoofing,
http://www.waterken.com/dev/YURL/Name/
> MITM
http://www.waterken.com/dev/YURL/Definition/#Site_authentication
> and revocation
http://www.waterken.com/dev/YURL/Why/#Certificate_lifecycle_control
> being addressed at all.
Then you simply did not read the documentaion.
> For these threats, however, the attack descriptions are
> well-known and rather easy to carry out.
Then do it. I asked you for the attack steps because you cannot
provide them.
No more hand-waving please. The provided documentation provides
technical detail and examples. I expect counter-arguments to do
the same.
Tyler
--
The union of REST and capability-based security:
http://www.waterken.com/dev/Web/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
