[cryptography] Let's go back to the beginning on this

James A. Donald jamesd at echeque.com
Tue Sep 13 20:08:15 EDT 2011


On 2011-09-14 4:31 AM, Seth David Schoen wrote:
> https://www.senate.gov/
>
> which had a valid cert a while ago and then recently stopped.

A system that gives false negatives is worthless.  It has to be 
sufficiently reliable that it makes sense to deny access.

Of course, a system where one has to interact with a third party to be 
certified will always give frequent false negatives, requiring the 
option to click through, and thus training users to click OK on sight.

Skype also gives you the option when a stranger you have never 
interacted with before wants to talk to you, but in the Skype case, the 
criterion is sufficiently reliable that users get trained to click deny 
on sight.


