> From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Peter Gutmann > Sent: Tuesday, May 31, 2005 1:29 PM > > >In this situation, I believe that the users, through hard won > >experience with computers, _correctly_ assumed this was a > >false positive. > > Probably not. > [SNIP text on user's thoughts on warning dialogs]
The false positive I was referring to is the "something is telling me something unimportant" positive. I didn't mean to infer that the users likely went through a thought process centered around the possible causes of the certificate failure, specifically the likelihood of an active man-in-the-middle vs. software bug, vs. setup error, vs. etc.. So, when the box popped up, in the "unimportant" vs. "important" choice that the users went through, they correctly chose "unimportant". These warning dialogs pop up regularly and usually they are crying wolf. I've probably seen hundreds of signature validation warnings from various web-sites for certificates and Active-X and possibly other signed content. I can't recall needing to heed even one of the warnings. We are trying to detect man-in-the-middle or outright spoofing with signatures and our false positive rate is through the roof. The false positive rate must be zero or nearly zero to work as a useful detector in real world situations. Defense in depth can help against spoofing - this includes valid certificates, personalization (even if it is the less-than-optimal Citibank-like solution), PetName, etc. Man-in-the-middle is harder given that we have such a high false positive rate on our best weapon. -Michael --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]