[Security] TLS Certificates Verification - original topic

Johansson Olle E oej at edvina.net
Wed Aug 20 07:14:54 CDT 2008

20 aug 2008 kl. 12.46 skrev Dirk Meyer:

> Yes. IMHO we should start with the question the thread started with.
> We have a connection (doesn't matter how we got it) and we want to
> open a verified TLS layer. CA signed certificate, self-signed
> certificates, web of trust, TLS-SRP. These seems to be the keywords to
> solve the problem. After we do that we may need users to remember
> passwords and save keys. How we can do that in a userfriendly way is
> step 2. But it does not hurt to keep step 2 in mind from time to
> time to not end up with users comparing key fingerprints.

Ok, let's use this thread and subject for that discussion and try to  
where we are.


More information about the Security mailing list