once more, with feeling.
Adam Shostack
adam at homeport.org
Mon Sep 8 15:02:33 EDT 2008
On Mon, Sep 08, 2008 at 04:16:46PM +0100, Darren J Moffat wrote:
|
| I believe the only way both of these highly dubious deployment practices
| will be stamped out is when the browsers stop allowing users to see such
| web pages. So that there becomes a directly attributable financial
| impact to the sites that deploy in that way.
|
| As much as I like Firefox & Safari [ the only two browsers I use now ]
| this has to be led by Microsoft with Internet Explorer since that will
| have the biggest impact, given IE 8 is in beta this seems like a perfect
| opportunity to get this in as a change for the next version.
Not speaking for my employer here.
Most browser vendors try to display pages as best they can. Both end
users and businesses get very upset at browser makers who push
security improvements by breaking existing practices.
If such changes were to happen, then they should either be emergency
(seems unlikely, given how long this has been around) or planned and
communicated. Adding something high impact after beta 2 doesn't seem
like good communication.
What makes now the perfect time to address an issue which has been
present for quite soem time?
Adam
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list