Begin forwarded message:
From: Peter Thoenen <peter.thoenen@yahoo.com>
Date: December 18, 2009 7:35:47 PM EST
To: dave@farber.net, egerck@nma.com
Subject: Re: [IP] more on Confirmed: Twitter DNS diversion used Twitter login credentials
Yes, the problem is pervasive with username/password authentication,but why don't people use certificate-based access authentication?
Because it's different. I have this arguments all the time with SES's
and flag officers who would rather type a 16 character complex password
that a 4 character password with coupled hardware token.