[cryptography] So, PKI lets know who we're doing business with?
bernie at fantasyfarm.com
Tue Jan 8 17:47:33 EST 2013
On 8 Jan 2013 at 17:06, Jeffrey Walton wrote:
> > https://www203.americanexpress.com
> That's not too egregious (though its bad). What frustrates me is when
> they send you to a different domain for the authentication or a
> transaction. I won't add sites to the trusted base just because a web
> master thought it was a good idea.
Similar thing for me: One of my accounts is with StellarOne bank. Main
site is not HTTPS nor redirects. But when you put in your account ID you
get sent to netteller.com with a certificate owned by Jack Henry and
Associates, Inc. I called the bank to ask about that and they said that
that's OK -- "Jack Henry", whoever that is, handles their online banking
machinery so it is a legit redirect. But it sure was disconcerting...
Bernie Cosell Fantasy Farm Fibers
mailto:bernie at fantasyfarm.com Pearisburg, VA
--> Too many people, too few sheep <--
More information about the cryptography