17:28:30ShinmeraI do wish there was a simpler end-to-end crypto solution than SSL though.
17:30:06SAL9000I guess you could shove "bare" asymmetric crypto inside HTTP?
17:30:51ShinmeraThere's verification crypto going on with oAuth already
17:31:01Shinmerabut not crypto that hides stuff while it's on the wire.
17:31:53SAL9000I think if you try to get the crypto properties of SSL -- specifically, mutual authentication -- you'll end up with basically SSL minus the PKI/CA infrastructure bits :/
17:32:14Shinmeraright, but you could do it without a lot of the baggage that makes SSL a pain to deploy.
17:32:38Shinmeraas in, pick one algo, bundle the cert in memory, etc.