Re: Improving Authentication on the Internet

Wed, 11 May 2005 06:32:50 -0700 

Ian G wrote:

Duane, don't worry about it.  Let's put this in
perspective:  as only CAs and browser manufacturers
are invited, there is only a slice of the interested
parties there.  There are no users, no lawyers, no
enforcement people, no server side people, maybe
no Microsoft, no FDIC, and probably no security people.


Never assume, it makes an ass out of you and me :)

At present the only confirmed parties involved are CAs, and mofo folks, I'm guessing at least one CA employees lawyers are different times (perhaps for this purpose as well) but without know who's turning up we're both just speculating on who might or might not be attending...

But, remember the first part.  The security itself is
probably or completely misunderstood.  (Oh, and I
forgot, the phisher isn't invited either.)


The phisher is already 10 steps ahead of the game...

So don't for a moment think that the outcome of this
meeting will effect you.  The name of the productive

I'll refer you to some choice quotes I wrote this morning for the CAcert blog...

"Now I have no reason to believe there is anything sinister about Gervase’s motives, however I long since worked out, most vested interests in better protecting people’s security and privacy only stem from what they stand to gain from it, or in some cases what they stand to not loose such as their freedom from being sent to jail for corporate corruption and scandals.

So we must ask ourselves what does a bunch of CAs and browser vendors stand to gain from better identifying users on the internet? In mozilla’s case they stand to potentially increase the browsing experience for their users, but why would a commercial CA instigate these proceedings?"

http://blog.cacert.org/?p=32

--

Best regards,
 Duane

http://www.cacert.org - Free Security Certificates
http://www.nodedb.com - Think globally, network locally
http://www.sydneywireless.com - Telecommunications Freedom
http://happysnapper.com.au - Sell your photos over the net!
http://e164.org - Using Enum.164 to interconnect asterisk servers

"I do not try to dance better than anyone else.
    I only try to dance better than myself."
_______________________________________________
Mozilla-security mailing list
Mozilla-security@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-security

Reply via email to