RE: Kurt Seifred's article on securityportal

[Gary Feldman]

> From: [EMAIL PROTECTED]
> On Behalf Of Sean Wieland
...
> (with OK as the default -- stupid users always assume the defaults are
> correct)

Let's be fair.  As your example really points out, the problem in this
specific case (your example, not necessarily the "Accept this invalid
certificate case") is with the developers, not the users.  The defaults
should always be correct, and if they're not, it's because the developer
goofed, not because the user thought the developers were competent.

Gary


====================================================================
                  Ready-to-Run Software, Inc.
                 Software Porting Specialists.
                 *****************************
email: [EMAIL PROTECTED]                 Gary Feldman
fax  : 1-978-692-5401              Ready-to-Run Software, Inc.
voice: 1-978-251-5431              11 School Street
www  : http://www.rtr.com          North Chelmsford, MA 01863
                                                     USA



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]