Alex Wight wrote:
All I'm saying is
that imho this is the place to do it, because doing it with certs only
addresses a slice of the phishing pie (HTTPS).
Hmmm... I don't see the problem myself with
limiting phishing protections to HTTPS. It
does make for a much simpler lesson to the
users: Make sure you are using HTTPS and
check the site...
But, to explore that notion some, what do you
see the phishing pie as being outside HTTPS?
Are you just referring to HTTP? Or also to
IM, mail, etc?
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
