Duane wrote:

Jean-Marc Desperrier wrote:

In fact, the hardest point is to find out how this can be handled in terms of user interface.


I consider a lot of other things the UI has overcome as being more difficult, either people don't understand the implications of binary security or they don't care, or a combination of both...


It's not quite that...  It's based on the fact that
the secure browsing system has been in place
for a decade now and during that entire time,
people have grown used to the fact that it is
there and it works and it should be forgotten
as much as possible.

When it was put together, there was an enormous
wave of commercial enthusiasm for something
that was loosely based on a threat that never
actually happened.  If you want to get into that
I'd suggest reading some of Lynn Wheeler's
entertaining stories about the "good old days".
(Well, I find them entertaining ...)

Now, to all intents and purposes, this threat
was walloped.  Completely destroyed, and
this built up the notion that the system is
perfect, complete and invulnerable.  Now,
there is so much 'belief' that the system is
like that, that even with today's top flight
security consultants, they have a very hard
time dealing with challenges to it.  It is
simply outside their world view to think of
secure browsing as subject to any threat.

Meanwhile along came phishing in 2003
or so and just waltzed past SSL as if it
wasn't there.

Shmoo showed what this was about.  It drew
a straight line from dodgy domain to dodgy
cert to phish.  It did it so clearly that it
exposed the secure browsing system for
what it is:  a system that has never been
battle tested, and is full of contradictory
assumptions that leave open easy ways to
attack.

People are going to take some time to get to
grips with that.

iang

--
News and views on what matters in finance+crypto:
       http://financialcryptography.com/

_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto