[Discuss] eliminating passwords
Tom Metro
tmetro+blu at gmail.com
Mon Jul 29 16:36:54 EDT 2013
Richard Pieri wrote:
> It's X.509 PKI key exchange. SSL is built on top of an X.509 PKI.
>
> X.509 is far from perfect. Very far. It shows in its fundamental
> weaknesses (such as reliance on the trust of third party certificate
> authorities...
Agreed, but irrelevant with respect to the idea of eliminating
passwords. Because whether you use a username and password or a client
side certificate, you're still going to use SSL to encrypt the
communication channel.
If you want to have a separate discussion about replacing X.509 in SSL,
then that's fine, but not germane to the thread.
-Tom
--
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/
More information about the Discuss
mailing list