On Mon, Jan 7, 2013 at 11:33 AM, ianG <i...@iang.org> wrote: > OK, I agree that Peter is impatient and frustrated. So am I. Dealing with > responsible parties that say "phishing isn't our problem" is pretty tiring > when $100m a year goes down the tubes because of it.
To be clear, I am not saying phishing is not our problem, I am saying that binding keys to sites, regardless of how you do it, is not the answer to phishing (regardless of early PKI marketing history). IMO, the answer to phishing is to solve the password problem, and the solution to the password problem is really good password managers. But I haven't had much luck selling that solution. Probably because, rather like Peter's solution, it has a largish element of fluff. _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography