Crypto lets someone say "Hi! I absolutely definitely have a name somewhat like the name of a large familiar organization, and I'd like to steal your data!" ...
It might help if browsers displayed some details of the certificate without being asked. For example, instead of a padlock, the browser could have an SSL toolbar. This would show the verified name and address of the site you are connected to.
The bar could also show the server name for unverified connections. This would avoid the attacks that use URLs like http://www.microsoft.com:[EMAIL PROTECTED] .
-- Pete
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
