X.509 / PKI, PGP, and IBE Secure Email Technologies

Ben Laurie ben at algroup.co.uk
Tue Dec 27 09:43:02 EST 2005


Anne & Lynn Wheeler wrote:
> a more sensible human factors design ... is to remember whether a person
> has checked out first time communication with a stranger ... the real
> first time, have the person do something additional ... and from then on
> remember that checking. in that respect ... creating a dependency on the
> user to repeatedly check a field that changes possibly thousands of
> times per day is extremely poor human factors security design.

This is the SSH design for host keys, of course, and also the petnames
design for URLs. Unfortunately petnames don't solve the problem that it
is hard to check the URL even the first time.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
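
The check-once-then-remember design discussed in this message, as an added example that is not part of the original post or of SSH's own code. The PinStore class, the peer name and the sample keys are constructed for illustration; the confirm_first_use callback stands for the one-time out-of-band check.

```python
import hashlib
import hmac


class PinStore:
    """Trust-on-first-use store mapping a peer name to a key fingerprint."""

    def __init__(self):
        self._pins = {}

    @staticmethod
    def fingerprint(public_key: bytes) -> str:
        return hashlib.sha256(public_key).hexdigest()

    def check(self, peer: str, public_key: bytes, confirm_first_use) -> str:
        fp = self.fingerprint(public_key)
        pinned = self._pins.get(peer)
        if pinned is None:
            # First contact: the only point where the user does extra work.
            # How well the user can check here is the part the message
            # says remains hard; the store cannot help with it.
            if not confirm_first_use(peer, fp):
                return "rejected"
            self._pins[peer] = fp
            return "pinned"
        if hmac.compare_digest(pinned, fp):
            return "ok"        # later contacts: no prompt, nothing to re-read
        return "mismatch"      # key changed: fail, never silently re-pin


def demo():
    store = PinStore()
    prompts = []

    def confirm(peer, fp):
        prompts.append(peer)   # record each time the user is interrupted
        return True

    key_a = b"constructed-sample-key-A"   # constructed sample values
    key_b = b"constructed-sample-key-B"
    results = [
        store.check("mail.example", key_a, confirm),  # first contact
        store.check("mail.example", key_a, confirm),  # same key again
        store.check("mail.example", key_b, confirm),  # different key
    ]
    return results, prompts


if __name__ == "__main__":
    print(demo())
```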


