A Few Thoughts on Cryptographic Engineering

Discussion in 'privacy technology' started by Minimalist, Jul 2, 2017.

  1. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    8,960
    Location:
    Slovenia
    https://blog.cryptographyengineering.com/2017/07/02/beyond-public-key-encryption/
     
  2. lotuseclat79

    lotuseclat79 Registered Member

    Joined:
    Jun 16, 2005
    Posts:
    5,385
    I'm glad to see the new post by MG on his blog which has been quiet for some time.

    My RSS feed to his website still does not work.

    -- Tom
     
  3. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    1,760
    If people used their public key finger print more it might help. For example if I used it as my SIG on my forum posts anyone could compare that with a public key someone claiming to be me sent them.
    Websites could have a second domain name, their cert fingerprint.com. They could publish both URLs anywhere including their site and on printed literature, business cards etc. The security conscious could use the secure url. A browser addon could easily verify that the site cert matches the fingerprint URL prior to TLS negotiation.
     
Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.