Tyler Close wrote:
> On 6/18/05, Heikki Toivonen <[EMAIL PROTECTED]> wrote:
>> Current SSL system generally requires no input from user (exceptions are
>> when some problem with the certificate the server presents).
>
> The above statement is incorrect and is a primary factor underlying
> the current phishing problem. The current SSL UI requires substantial
> user input on every site visit. To be safe, the user must verify that

Maybe you weren't paying attention, or maybe the word "input" is not as precise as I thought it was. I said *input*, meaning the user must enter some data into the system. With SSL, users generally don't need to enter data into the system. The exceptions are when a site presents a certificate and there is some problem that requires the user to input some data (click a button or something) to make a decision. The SSL system is not always easy to use, as you noted, but that was my criterion number 5.

>> petname is
>> an example where input is required for every SSL-enabled site the user
>> visits more than once.
>
> This statement is also false. The petname tool requires user input for
> each SSL site the user forms a trust relationship with. If there is
> nothing to protect, the petname tool requires no effort. If there is

If the site thought it was necessary to put up SSL, then it seems like by definition there is something worth protecting. If the user is willingly visiting the site more than once, there is obviously some trust relationship going on. Or if they don't care, then petname or current SSL makes no difference.

-- 
Heikki Toivonen

_______________________________________________
Mozilla-security mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-security
