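@inproceedings{rolf.ea:proof:2007,
  author        = {Oppliger, Rolf and Hauser, Ralf and Basin, David and Rodenhaeuser, Aldo and Kaiser, Bruno},
  title         = {A Proof of Concept Implementation of {SSL/TLS} Session-Aware User Authentication ({TLS-SA})},
  booktitle     = {Kommunikation in Verteilten Systemen ({KiVS}) 2007},
  series        = {Informatik aktuell},
  pages         = {225--236},
  publisher     = {Springer Verlag},
  month         = mar,
  year          = 2007,
  isbn          = {978-3-540-69961-3},
  url           = {http://www.springer.com/dal/home/new+&+forthcoming+titles+(default)?SGWID=1-40356-22-173714599-0},
  language      = {USenglish},
  copyright     = {© Springer},
  copyrighturl  = {http://www.springer-sbm.de/index.php?L=1},
  abstract      = {Most SSL/TLS-based e-commerce applications employ conventional mechanisms for user authentication. These mechanisms - if decoupled from SSL/TLS session establishment - are vulnerable to man-in-the-middle (MITM) attacks. In this paper, we elaborate on the feasibility of MITM attacks, survey countermeasures, introduce the notion of SSL/TLS session-aware user authentication (TLS-SA), and present a proof of concept implementation of TLS-SA. We think that TLS-SA fills a gap between the use of public key certificates on the client side and currently deployed user authentication mechanisms. Most importantly, it allows for the continued use of legacy two-factor authentication devices while still providing high levels of protection against MITM attacks.},
  user          = {bgeiser},
  internal-note = {Author names are stored in "Last, First" form: the previous "Oppliger Rolf and ..." spelling was parsed by BibTeX as first name "Oppliger", surname "Rolf", which is also why the citation key carries the "rolf" prefix; the key is kept unchanged so existing \cite calls still resolve. Acronyms in title/booktitle are brace-protected against sentence-casing styles, month uses the standard macro, and "deploymed" in the abstract is corrected to "deployed". The url contains a literal "&" and "?"; it renders only through a url-aware style (\url) or Biber, not when printed as plain text by a classic .bst. TODO: add a doi field once verified from the publisher record.},
}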