[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Draft Charter

To: "Seppo Lindborg (JO/LMF)" <seppo.lindborg@xxxxxxxxxxxx>
Subject: RE: Draft Charter
From: Stephen Kent <kent@xxxxxxx>
Date: Fri, 17 Aug 2007 09:30:38 -0400
Cc: <ietf-trust-anchor@xxxxxxxx>
In-reply-to: <D34CB2979BAB35448AB0A5FBAC56778D01F9CA98@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.vpnc.org/ietf-trust-anchor/mail-archive/>
List-id: <ietf-trust-anchor.vpnc.org>
List-unsubscribe: <mailto:ietf-trust-anchor-request@vpnc.org?body=unsubscribe>
References: <AE1B6FDD5E39704DB2F38B6FC77D59A2011CB253@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <96F4992C-FAD6-4513-9ABE-81F08CE2998C@xxxxxxxxxxxxxx> <> <20070816114559.A34125@xxxxxxxxxxxxxxxxxx> <> <D34CB2979BAB35448AB0A5FBAC56778D01F9CA98@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: owner-ietf-trust-anchor@xxxxxxxxxxxxx


At 9:18 AM +0200 8/17/07, Seppo Lindborg (JO/LMF) wrote:

This the current situation, but is it OK, or even acceptable? Wouldn't
it be more appropriate approach that there were no ready trust
assumptions or settings in the tool, and the user would add his, either
from some ready file, or case-by-case when he surfs?

Seppo Lindborg

For some, sophisticated users this could be a great improvement. For99% of the users it would likely create more opportunities for socialengineering. We have years of experience, plus a nice study by folksat CMU, showing that the average user is clueless about SSL/TLS, lockicons, etc. and is easily fooled. That's why phishing is sosuccessful.


Steve

References:
- RE: Draft Charter
  - From: Thomas Hardjono
- Re: Draft Charter
  - From: Yoav Nir
- Re: Draft Charter
  - From: Stephen Kent
- Re: Draft Charter
  - From: Cat Okita
- Re: Draft Charter
  - From: Stephen Kent

Prev by Date: RE: Draft Charter
Previous by thread: RE: Draft Charter
Next by thread: RE: Draft Charter
Index(es):
- Date
- Thread