On 2011-09-14 4:31 AM, Seth David Schoen wrote:
https://www.senate.gov/
which had a valid cert a while ago and then recently stopped.
A system that gives false negatives is worthless. It has to be
sufficiently reliable that it makes sense to deny access.
Of course, a system where one has to interact with a third party to be
certified will always give frequent false negatives, requiring the
option to click through, and thus training users to click OK on sight.
Skype also gives you the option when a stranger you have never
interacted with before wants to talk to you, but in the skype case, the
criterion is sufficiently reliable that users get trained to click deny
on sight.
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
