We are talking about MONEY and PRIVACY. How much risk are you
willing to take with these?
I'm inclined to agree with Ian here, while you're being distracted by flashy audits how many of those online shopping carts with a commercially issued certificate have their MS SQL database hacked and all the creditcards contained in it stolen? Shouldn't things be done to encourage security (as he said) as a whole, rather then be bogged down by one detail of it? This isn't just education of users, but poor programming practises with handling financial information on servers etc... Perhaps commercial CAs issuing certificates should take a more proactive approach and run basic audits themselves on who they are supposedly protecting... (Smoke and mirrors)
-- Best regards, Duane
http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
