Ian G wrote:
Duane, don't worry about it. Let's put this in perspective: as only CAs and browser manufacturers are invited, there is only a slice of the interested parties there. There are no users, no lawyers, no enforcement people, no server side people, maybe no Microsoft, no FDIC, and probably no security people.
Never assume, it makes an ass out of you and me :)
At present the only confirmed parties involved are CAs, and mofo folks, I'm guessing at least one CA employees lawyers are different times (perhaps for this purpose as well) but without know who's turning up we're both just speculating on who might or might not be attending...
But, remember the first part. The security itself is probably or completely misunderstood. (Oh, and I forgot, the phisher isn't invited either.)
The phisher is already 10 steps ahead of the game...
So don't for a moment think that the outcome of this meeting will effect you. The name of the productive
I'll refer you to some choice quotes I wrote this morning for the CAcert blog...
"Now I have no reason to believe there is anything sinister about Gervase’s motives, however I long since worked out, most vested interests in better protecting people’s security and privacy only stem from what they stand to gain from it, or in some cases what they stand to not loose such as their freedom from being sent to jail for corporate corruption and scandals.
So we must ask ourselves what does a bunch of CAs and browser vendors stand to gain from better identifying users on the internet? In mozilla’s case they stand to potentially increase the browsing experience for their users, but why would a commercial CA instigate these proceedings?"
http://blog.cacert.org/?p=32
--
Best regards, Duane
http://www.cacert.org - Free Security Certificates http://www.nodedb.com - Think globally, network locally http://www.sydneywireless.com - Telecommunications Freedom http://happysnapper.com.au - Sell your photos over the net! http://e164.org - Using Enum.164 to interconnect asterisk servers
"I do not try to dance better than anyone else. I only try to dance better than myself." _______________________________________________ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security