[cryptography] Let's go back to the beginning on this
James A. Donald
jamesd at echeque.com
Tue Sep 13 20:08:15 EDT 2011
On 2011-09-14 4:31 AM, Seth David Schoen wrote:
> which had a valid cert a while ago and then recently stopped.
A system that gives false negatives is worthless. It has to be
sufficiently reliable that it makes sense to deny access.
Of course, a system where one has to interact with a third party to be
certified will always give frequent false negatives, requiring the
option to click through, and thus training users to click OK on sight.
Skype also gives you the option when a stranger you have never
interacted with before wants to talk to you, but in the skype case, the
criterion is sufficiently reliable that users get trained to click deny
More information about the cryptography