New article on root certificate problems with Windows
Ian G
iang at systemics.com
Thu Jul 19 12:10:38 EDT 2007
pgut001 at cs.auckland.ac.nz wrote:
> From a security point of view, this is really bad. From a usability
> point of
> view, it's necessary.
I agree with all the above, including deleted.
> The solution is to let the HCI people into the
> design
> process, something that's very rarely, if ever, done in the security
> field [0].
To jump up and down ... if that was the solution, it would
have been done by now :)
I would instead state that the solution was whatever Skype
and SSH did. And the opposite of whatever IPSec, SSL,
Clipper, S/MIME, DRM, and all the other failures did.
HCI was one of the things, but others were as important:
lack of open critique, service-before-security,
crypto-for-free, total solution, narrow problem, etc.
iang
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list