Dick Hardt <[EMAIL PROTECTED]> writes: >> Part of the problem is that the user and the software have >> a different view of the RP's identity. The software knows that >> C1tibank and Citibank are different, but the user does not. > > Minor clarification: I was at the recent Anti Phishing Working Group > meeting and many phishing attacks are gathering personal data in > addition to or instead of the user's password.
Fair enough.... -Ekr _______________________________________________ dix mailing list [email protected] https://www1.ietf.org/mailman/listinfo/dix
