* Lance James:

> And as stated above, reverse the effect and it would be the banks in 
> scenarios such as XSS.

In case of XSS or CSRF, you have lost anyway.  The web was not
designed as a presentation service for transaction processing,
especially if the transactions involve significant value.  If you use
the web for this purpose, it's always a tradeoff.

Maybe it's time to realize that all these web applications together
form a huge monoculture, and to move on and diversify again.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to