[Ietf-http-auth] BOF Request: WARP - Web Authentication
Resistant to Phishing
Sam Hartman
hartmans-ietf at mit.edu
Tue May 30 09:50:55 PDT 2006
>>>>> "Chris" == Chris Drake <christopher at pobox.com> writes:
Chris> Since you solicited comments...
>> [Sent to the ADs; comments very much appreciated.]
>> [snip] Any solution to the phishing problem will require UI
>> changes in web browsers.
>> [snip] There will never be a single identity that a user can
>> use on the web
Chris> I respectfully disagree. We should focus on a solution
Chris> without introducing barriers that might stifle creative
Chris> thinking.
So, I think that solutions that work even if there is no single
identity will work fine if a single identity emerges provided that
they support use of identity from one site on another.
Do you disagree?
More information about the Ietf-http-auth
mailing list