[Cryptography] Phishing and other abuse issues [Was: Re: Encryption opinion]

Stephen Farrell stephen.farrell at cs.tcd.ie
Fri Aug 29 13:16:07 EDT 2014



On 29/08/14 16:39, ianG wrote:
> Good pointers.  But no banana sadly.  The crux is whether these groups
> have the credibility to provide security leadership to the browser
> vendors.  They don't.  IETF holds the credibility in vendors' mindset,
> but as many have suspected, that isn't IETF's mandate.

FWIW, I'm not clear on what scope extension (or whatever)
is being proposed. I do get that the IETF not considering
UIs has in the past caused problems, in particular with
HTTPS, but I do not get how one might sensibly go about
improving that. If someone has a concrete proposal, I'd be
happy to chat about what to do about that.

I'm not sure that's really in scope for this list though,
so maybe better to handle that offlist unless the moderators
say its ok.

S.


More information about the cryptography mailing list