 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
Derek Martin wrote: > Which bank operates a kerberized HTTP server that I can use to access > my accounts online? I wish I knew of one. It isn't difficult to implement and it would be a great deal more secure than any SSL-based system. You can blame the US Government for this one. ITAR didn't permit export of strong, secure crypto but did permit export of weak crypto like 40-bit DES. At the same time, the same US Government was pushing hard for key escrow in cryptographic systems (remember Clipper?) and against web of trust systems like PGP. Which left Netscape in a bind when it came time to implement some kind of communications security in their browser. They chose to roll their own, Microsoft copied it, and the world has been stuck with SSL ever since. -- Rich P.
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
