In my opinion "users don't care" isn't a reason to subvert the original
purpose.
Someday, it will come back to haunt us.
-----Original Message-----
From: William X Walsh
Sent: Wednesday, August 22, 2001 12:05 AM
To: Lynn W. Taylor
Cc: Peter Kiem; INTERNET@BCN {[EMAIL PROTECTED]}
Subject: RE: How do webcerts work with virtual hosts?
Tuesday, Tuesday, August 21, 2001, 11:52:13 PM, Lynn W. Taylor wrote:
> Remember that certificates are about identification, not really about
> encryption.
> Mismatched names should be a HUGE red-flag.
In this case, this was only an issue to provide a placeholder for
people who (very rarely) might type in https://domain.com/ instead of
using the links to the SSL site on the site's regular non-encrypted
site.
As for certs being about identification and not encryption, perhaps
that was how they were intended, but the number of users who know
anything about the identification properties of a cert are extremely
few and far between. All they care about is the little lock in their
browser.
--
Best regards,
William X Walsh <[EMAIL PROTECTED]>
Userfriendly.com Domains
The most advanced domain lookup tool on the net
DNS Services from $1.65/mo
