Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
PostgreSQL 9.3 beta: Federated databases and more
LWN.net Weekly Edition for May 9, 2013
(Nearly) full tickless operation in 3.10
For vain reasons, it'll never be used: web designers like being able to specify how their login boxes look.
please move this stuff into DNS
Posted Dec 26, 2008 2:23 UTC (Fri) by TRS-80 (subscriber, #1804)
Anyway, for web designers HTML 5 offers a way to have HTML login forms for HTTP auth.
Posted Dec 26, 2008 3:18 UTC (Fri) by drag (subscriber, #31333)
It just strikes me as a bit lazy. Not a lot lazy as the SSL/TLS stuff is difficult to get right. But for as long as this stuff has been out it should be fairly simple to do.
Posted Dec 26, 2008 3:36 UTC (Fri) by TRS-80 (subscriber, #1804)
Security problems with CAs
Posted Dec 26, 2008 13:21 UTC (Fri) by vonbrand (subscriber, #4458)
Sad fact is that really checking is expensive, and CAs aren't in the business of "wasting" money to then turn a paying customer away... plus certificates are the same whether they are meant to protect (probably not very interesting) email from prying eyes, commercial transactions in the range of a few tens of dollars, or multi-million dollar movements. The association of the "personal" certificate with all sorts of identifying data makes the planned use of those a privacy nightmare. The whole concept is deeply flawed. For an in-depth discussion of the current issues, look at Peter Gutmann's PKI tutorial (a large PDF presentation).
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds