[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: lynx-dev Q: lynx shopping?

From: Al Gilman
Subject: Re: lynx-dev Q: lynx shopping?
Date: Mon, 11 Mar 2002 21:24:51 -0500

At 08:28 PM 2002-03-11 , you wrote:
>On Mon, 11 Mar 2002, Matt Ackeret wrote:
>> An example I can think of is  They only support IE (and
>> MAYBE Netscape)..  But anyway, to use them with Lynx, I have to fake Mozilla.
>> (I also have to manually refresh on the "looking up acct info" page)
>I believe that this is probably a case where they are intentionally
>trying to exclude lynx, since they have no assurance of the way the
>SSL was compiled. I suspect that their terms of service may specify
>usage of certain browsers, but I don't really know.

<don asbestos/>

You don't have to know how the SSL was compiled.  If the code was not put 
together right, the encrypt and decrypt won't match and the SSL falls apart.  
You can't fake the algorithm.  You have to do it, and do it right.  This is 
banking; we are talking civil rights, not any fit domain for laissez faire.  
Bank terms of service requiring a specific browser ought to be illegal and may 
yet be shown to be so by existing law via court cases.

Security is so mathematical that the algorithms are self-enforcing.  Requiring 
a particular codebase is not reasonable by any stretch of the imagination for 
security reasons.  Key length, maybe; specific implementation, no way.

This is about to be demonstrated once again in the virtual plugfests of the 
Global Grid Forum Grid Computing Environments Web Services Testbed, where they 
will be playing crypto implementations from rather competitive groups and show 
that they all play together.

Actually, with Lynx just search the chronological index for 'testbed.'


>                           Doug
>Doug Kaufman
>Internet: address@hidden
>; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden

; To UNSUBSCRIBE: Send "unsubscribe lynx-dev" to address@hidden

reply via email to

[Prev in Thread] Current Thread [Next in Thread]