By "reinforcement" I mean "specific advertisement": if the OP uses its
support of SSL as a feature to attract users, but not educating the user
about how this security measure fits in among the larger picture, they are
effectively misleading the user into a mistaken idea of how secure they are.
Do you have evidence that this is actually happening, or is this just
speculation?
Evidence that OP's are advertising SSL as a security feature, or
evidence that users are being misled into thinking they really *are*
secure from a DNS hack?
-Shade
_______________________________________________
security mailing list
[email protected]
http://openid.net/mailman/listinfo/security
