>>>>> "Dick" == Dick Hardt <[EMAIL PROTECTED]> writes:
Dick> 1) Most sites are not targeted by phishers today,
and
Agreed.
Dick> unlikely to be targeted in the future, so they should not be
Dick> forced to put in technology for resolving phishing.
Disagree. As you start to see reuse of identity, you will see people
moving from targeting primary targets to targeting other sites where
credentials may be harvested.
I think anyone who accepts identity information will ultimately be a
target.
Dick> 2) Currently the user has NO trusted site or client and is
Dick> easily phished. Once the user has one trusted software
Dick> system, then that system can more easily determine the
Dick> identity of other sites. In other words, the user will not
Dick> have to build up the full assurance stack with each site,
Dick> the user can leverage something they already trust to assist
Dick> in making the trust decision.
I more or less completely disagree with the above, especially with the
idea that the user will ever have one trusted software system.
_______________________________________________
dix mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/dix
