<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">On 10/10/2013 08:32 PM, Ron Frazier
(ALE) wrote:<br>
</div>
<blockquote
cite="mid:e9e376df-85a8-4959-bb61-5a829c7fa55c@email.android.com"
type="cite">
<pre wrap="">Steve Gibson has just announced some new secure login research he's been doing. It looks pretty promising and may ultimately be able to substantially replace or augment user names and passwords. I thought I'd pass it along. He says it's generating lots of interest, including some from the w3c. It's open spec and open standard and he's giving it away. Maybe it will become a standard someday.</pre>
</blockquote>
<br>
Look, we've covered this time and time again.<br>
<br>
Steve Gibson is <b><i>not</i></b> a security expert. Stop putting
him on a pedestal, and PLEASE stop spreading bad information. That
new "secure" login procedure has AT LEAST one fatal flaw, and I
think two. It is not suitable for use, and in fact straight
username and password over TLS is more secure.<br>
<br>
At this point, I am respectfully asking you to quiet down on the
list.<br>
<br>
The last thread you started was on Windows.<br>
<br>
This thread is invoking Gibson (again), despite much rather on-topic
discussion to the fact that Gibson isn't a suitable source of
security information. This is at least the third or fourth
off-topic post from you this week that I can recall—and quite
impolitely without the OT.<br>
<br>
Please stop spreading bad information and please stop discussing
your trials and tribulations with your Microsoft products at all on
this list. You can't seem to put "[OT]" in when it needs to be
done—so please just stop altogether.<br>
<br>
Much appreciated,<br>
<br>
Mike<br>
<br>
<div class="moz-signature">-- <br>
<table border="0">
<tbody>
<tr>
<td> <img src="cid:part1.02000001.09000509@naunetcorp.com"
alt="Naunet Corporation Logo"> </td>
<td> Michael B. Trausch<br>
<br>
President, <strong>Naunet Corporation</strong><br>
☎ (678) 287-0693 x130 or (855) NAUNET-1 x130<br>
FAX: (678) 783-7843<br>
</td>
</tr>
</tbody>
</table>
</div>
</body>
</html>