Fuzzy Hoodie-Monster wrote:
> as a
> practical matter, proposals more fine-grained ("endy") than TLS have
> (in some key cases, at least) shown to be unusable ("literally DOZENS
> of people use PGP") or worse than nothing for raisins of complexity
> and security (XML digital signatures).The point, of course, is to construct something that *is* usable. Zooko's triangle suggests a way to do it. > Again, I regard TLS' provision of server authentication as "good > enough", for now at least. I definitely don't regard CAs or browsers' > handling of certificates or browsers' UI as good enough. I advocate > fixing the weakest link in the chain, and currently that's user > interface/user experience/communication to the user. Once we figure > out how to explain to users who they are or might be talking to and > how certain we are of that -- again, see OTR for hints -- THEN we can > move on to the next problem. Users do not want to be distracted by such complications. _______________________________________________ tahoe-dev mailing list [email protected] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
