I've just written the first version of "A Plan for Scams" - a summary of my views on the action required to tackle the phishing problem. I believe a co-ordinated effort from browser and mail client vendors, website owners, ISPs, domain registrars and certificate authorities is necessary, and I outline what steps each of them should take.
http://www.gerv.net/security/a-plan-for-scams/
Discussion: http://weblogs.mozillazine.org/gerv/archives/007569.html
Gerv
[Posted here as well as .security because this is actually where the phishing discussion is. Follow up to .security please. Follow-up not set because I believe it would lead to a duplicate posting there.]
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
