[154000] in North American Network Operators' Group
Re: LinkedIn password database compromised
daemon@ATHENA.MIT.EDU (Randy Bush)
Wed Jun 20 19:03:43 2012
Date: Thu, 21 Jun 2012 08:02:58 +0900
From: Randy Bush <randy@psg.com>
To: Leo Bicknell <bicknell@ufp.org>
In-Reply-To: <20120620194344.GA16763@ussenterprise.ufp.org>
<20120620213914.GA20633@ussenterprise.ufp.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
leo,
what is the real difference between my having holding the private half
of an asymmetric key and my holding a good passphrase for some site?
that the passphrase is symmetric?
> First time a user goes to sign up on a web page, the browser should
> detect it wants a key uploaded and do a simple wizard.
> - Would you like to create an online identity for logging into web
> sites? Yes, No, Import
s/onto web sites/this web site/ let's not make cross-site tracking any
easier than it is today.
randy
