I wrote a blog post about our findings in Apple's CommonCrypto (and corecrypto) library https://www.massi.moe/blog/primality-testing-in-apple-core-crypto … with security update now live in macOS Mojave 10.14.1 and iOS 12.1 with @kennyog @martinralbrecht @jurajsomorovsky
I think of SRP as "an interesting way to use a password to authenticate a channel, and avoid some of the problems of password security" ... like for a SQL connection or something. But then keep using certs to auth the server, prevent spoofing, etc ...
-
-
Fair enough. But RFC authors don't (fully) agree with you. Is Trevor on twitter I wonder? Ah yes:
@trevp__Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.