I see the phising problem the same as the spam problem (while in one
respect they're the same thing).
There's several important differences. What phishers do is illegal (fraud, involving money), whereas spammers, in most countries, are legal but irritating. Therefore, they have a strong incentive not to reveal their identities. If you can put an identity-revealing cost into the process that's high enough (good verification), and reduce the value of the cert you get (OCSP), such that it becomes economically unviable to phish, they'll stop.
Gerv _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
