On Sunday 19 June 2005 19:36, Heikki Toivonen wrote:
> Duane wrote:
> > In the end they decided to try it and now they enter the website address
> > of their bank each time (they don't use bookmarks or click on links in
> > emails) to make sure they connect to the right site each time. So
>
> So for them the current SSL model is actually enough.
Nope, entering the URL by hand will not cover on-the-wire MITMs, only phishing MITMs. So pharming/DNS attacks are uncovered; for that they need to check the URL and the cert. Depending on the circumstances this could be anywhere from easy to hopeless.

What we see there is the limits of the model: with high quality training, the click-thru feature is lost, some current attacks are covered, but developing ones are not. The users don't even trust the bookmarks in this case, and I wouldn't say they're being stupidly paranoid. If that's the solution, we now need to find ten million Duanes to train a billion browser users.

Well, it's been a nice debate! I hope you can now see that if you assemble 10 experts in a room you'll get 11 different opinions on how to proceed. It is for reasons like this that we look to Mozilla as an organisation for leadership. So hopefully you can pass the message on - this is not about standards, decisions, rough consensus or all those other things. Instead it is about creating the space to let the solutions prove themselves.

iang

-- 
Advances in Financial Cryptography, Issue 1:
https://www.financialcryptography.com/mt/archives/000458.html
Daniel Nagy, On Secure Knowledge-Based Authentication
Adam Shostack, Avoiding Liability: An Alternative Route to More Secure Products
Ian Grigg, Pareto-Secure
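The distinction iang draws above (typing the URL defeats phishing, but pharming/DNS and on-the-wire MITM leave the address bar looking right and only the certificate reveals the substitution) can be made concrete with a small model of the three checks a careful user performs. The following is an added example, not code from the original mail or from Mozilla; the host names, the PeerCert stand-in for what Python's ssl.SSLSocket.getpeercert() returns, and the DER bytes are all constructed placeholders.

```python
"""Model of the user's checks from the thread: is the typed URL right, does
the presented certificate name the typed host, and does it match a pin?
Constructed data only; hostnames and DER bytes are placeholders."""
import hashlib
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


@dataclass
class PeerCert:
    """Constructed stand-in for a peer certificate: the DNS entries of its
    subjectAltName and its DER encoding (here just placeholder bytes)."""
    san_dns: Tuple[str, ...]
    der: bytes

    def sha256_fingerprint(self) -> str:
        return hashlib.sha256(self.der).hexdigest()


def hostname_matches(typed_host: str, san_dns: Tuple[str, ...]) -> bool:
    """RFC 6125-style name check: exact match, or a wildcard that covers only
    the left-most label ('*.bank.example' matches 'www.bank.example' but not
    'bank.example' or 'a.b.bank.example')."""
    host = typed_host.lower().rstrip(".")
    for name in san_dns:
        name = name.lower().rstrip(".")
        if name == host:
            return True
        if name.startswith("*."):
            suffix = name[1:]               # ".bank.example"
            prefix = host[: -len(suffix)]   # what the '*' would have to cover
            if host.endswith(suffix) and prefix and "." not in prefix:
                return True
    return False


def decide(typed_host: str, expected_host: str, cert: PeerCert,
           pinned_fp: Optional[str] = None) -> Dict[str, bool]:
    """Which checks pass: the URL the user typed, the certificate's name
    binding to that URL, and (optionally) a fingerprint pin."""
    url_ok = typed_host.lower() == expected_host.lower()
    cert_ok = hostname_matches(typed_host, cert.san_dns)
    pin_ok = pinned_fp is None or cert.sha256_fingerprint() == pinned_fp
    return {"url_ok": url_ok, "cert_ok": cert_ok, "pin_ok": pin_ok,
            "trust": url_ok and cert_ok and pin_ok}


# Constructed scenario data (hypothetical bank at www.bank.example).
BANK = "www.bank.example"
LEGIT = PeerCert(("www.bank.example", "bank.example"), b"constructed-legit-der")
LEGIT_PIN = LEGIT.sha256_fingerprint()


def scenarios() -> Dict[str, Dict[str, bool]]:
    """Run the three cases from the discussion against the same checks."""
    return {
        # User typed the right URL, DNS and path were honest.
        "legit": decide(BANK, BANK, LEGIT, LEGIT_PIN),
        # Phishing: a look-alike URL; the user's URL check alone catches it.
        "phishing": decide("www.bank-example.com", BANK, LEGIT, LEGIT_PIN),
        # Pharming/DNS: URL is right, but the host reached presents a cert
        # for some other name; only the cert check catches it.
        "pharming": decide(BANK, BANK,
                           PeerCert(("www.other.example",), b"constructed-other-der"),
                           LEGIT_PIN),
        # On-the-wire MITM with a mis-issued cert for the right name: URL and
        # name binding both pass; only the fingerprint pin catches it.
        "mitm_misissued": decide(BANK, BANK,
                                 PeerCert(("www.bank.example",), b"constructed-misissued-der"),
                                 LEGIT_PIN),
    }


if __name__ == "__main__":
    for case, result in scenarios().items():
        print(f"{case:15s} {result}")
```

The "pharming" row is the one the mail is about: url_ok is True because the user did exactly what they were trained to do, and the failure shows up only in cert_ok. The last row is why "check the cert" has to mean more than reading the name off it.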