To even suggest that someone who "doesn't know anything about certificates" can be protected at all is absurd - no matter what are (re aren't) the features of the software he or she happens to be using. have.
In any case we must know how much the user must learn before s/he could be safe. It is true that an ignorant user is easy to fool. I think that we should try to learn people about security. Not scare them a way. Even if they are not intrested. To most people PKI is just another TLA.
It all depends in what we trust. If we trust an application to simplify the security for us thats good. If we have the knowlege to use hardware tokens that's better.
But this is another tread...
-Emil
_______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
