Pake Preacher

@pake_preacher
0 Followers
0 Following
1 Posts
Hey Browsers, why u no prevent phishing? https://stackoverflow.com/questions/2778629/tls-srp-in-browsers
Show threadPake PreacherDec 4

@cendyne @ErikvanStraten @soatok Domain hijack, by any of the myriad of CAs included in your browser is a real problem.

The browsers could have stopped this attack a long time ago, with a lot simpler solution than WebAuthn: PAKE, in particular TLS-SRP: https://stackoverflow.com/questions/2778629/tls-srp-in-browsers

TLS/SRP in browsers?

Is there a plan or existing implementation of RFC 5054 in any of the major browsers yet? If nobody has an implementation yet, then which major browsers have it on their roadmap? Where?

Stack Overflow