On Fri, May 8, 2009 at 12:04 PM, SitG Admin <[email protected]> wrote: > By "reinforcement" I mean "specific advertisement": if the OP uses its > support of SSL as a feature to attract users, but not educating the user > about how this security measure fits in among the larger picture, they are > effectively misleading the user into a mistaken idea of how secure they are.
Do you have evidence that this is actually happening, or is this just speculation? >> You haven't offered any justification for these very specific >> assumptions. I bet they won't hold that widely if you tested them on >> real users. > > I'm not concerned about "real users" so much as "MY users"; not drawn from > the average pool ;) Then I recommend that you study your users and act in their best interest. Adam _______________________________________________ security mailing list [email protected] http://openid.net/mailman/listinfo/security
