|
|
|
|
|
|
by e12e
4715 days ago
|
|
|
Since you seem to server your site (parley.co) over https, you might want to accept signups over https as well -- it's a little disconcerting to get a warning message of information being posted in the clear from a page that is all about making it easier to communicate securely online: <form action="http://parley.us6.list-manage.com/subscribe/post?u=NN&id=NN" method="post"
Other than that it'll be interesting to see your implementation -- I've been considering the idea of key storage for a while, and I also think so long smart cards aren't ubiquitous (and usable with all clients, such as phones as well as PCs) -- pass-phrases is unfortunately as good as it gets.It's unfortunate, because anything based on shared secretes (directly) makes key revocation tricky. |
|
|