YD> I think the site is tying to get people to push back on services that YD> don't encrypt at the client, the same way ssh got implemented because YD> people started to refuse to use telnet.
I was working at Caltech from 1999 - 2005, and gave a couple of talks while I was there about switching to SSH. "People refusing to use telnet" wasn't the problem we were having at the time. :^p The IT staff, running the servers, wanted to improve security, and had to drag clients kicking and screaming (sometimes literally screaming; seldom literally kicking :^) away from their familiar telnet clients, and convince them to use some *whole other program* to log in, with no visible benefit to them whatsover. Maybe it was different in other places, but I predict that if you want to improve authentication protocols, the people you need to convince are the people writing the servers and the clients, not the end users. Once it's actually adopted somewhere, convincing users to use it will be important, but I don't think end users are the first step. Is there a list somewhere of sites and/or browsers who support CBcrypt today? -Josh (iril...@infersys.com) _______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/