[Cryptography] Phishing and other abuse issues [Was: Re: Encryption opinion]
ianG
iang at iang.org
Fri Aug 29 11:39:33 EDT 2014
On 28/08/2014 20:38 pm, Paul Ferguson wrote:
> Might I suggest that a few other organizations might be better
> "equipped" to focus on this problem? For starters:
>
> --> http://apwg.org/
> --> http://m3aawg.org/
Good pointers. But no banana sadly. The crux is whether these groups
have the credibility to provide security leadership to the browser
vendors. They don't. IETF holds the credibility in vendors' mindset,
but as many have suspected, that isn't IETF's mandate.
Starting another group isn't the answer, we've already got a crowded
field of them. As xkcd puts it:
https://xkcd.com/927/
Or, if it is the answer, it should be done like vancouver or montreal or
wherever that first anti-phishing meeting was done.
iang
More information about the cryptography
mailing list