[LINK] certificates
Danny Yee
danny at anatomy.usyd.edu.au
Sun Jan 14 17:29:30 AEDT 2007
The biggest problem is that users simply ignore both ssl encryption
and the existence of certificates, signed or otherwise. I don't know
what can be done about this.
A smaller problem is that it's trivial to get a signed certificate
that verifies that www.westpac-ultrasecure.com really does belong to
"WP Inc" or some other such entity. Maybe there should be some kind
of certification restricted to Australian financial institutions
and managed by ASIC or the RBA. (Of course this won't help with
transations with merchants.) But how useful this would be given the
bigger problem of user blindness I don't know.
Danny.
---------------------------------------------------------
http://dannyreviews.com/ - over nine hundred book reviews
http://danny.oz.au/ - civil liberties, travel tales, blog
---------------------------------------------------------
More information about the Link
mailing list