-- Ka-Ping Yee [mailto:[EMAIL PROTECTED] >> In practice SSL is primarily used to establish an >> encrypted channel between endpoints, not to establish >> reliable reciprocal identification. Given that almost >> no users pay any attention to certificates, what >> reason do we have to believe that SSL succeeds >> because of PKI, rather than in spite of it?
Hallam-Baker, Phillip > SSL achieves the original security goals set for it. Which were defined to fit what PKI does, not what the user needs. The user needs proof of relationship, not proof of true name. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG qVkusWoDPirkBhjZe5MXwUDyBHO4LxZCWStLyKpA 4JVAsnPJ0MmTZsUwSsCOYR37FKrlG3DPXGBozt+Kh _______________________________________________ specs mailing list specs@openid.net http://openid.net/mailman/listinfo/specs