[Cryptography] "Trust in digital certificate ecosystem eroding"

John Levine johnl at iecc.com
Sat May 2 11:20:12 EDT 2015


>One thing that might help is to display, by default or simple UI 
>action, the trust chain. E.g. "Verisign.com says that this page 
>is from WellsFargo.com." The CAs should like it since it puts 
>their brand in front of users. It also might make organizations 
>reluctant to change CAs.

Has there ever been an instance where punting a security decision to
the user improved the situation?  Not that I can think of.

In this example, it isn't even Verisign saying that Verisign says that
it's Wells Fargo.  It's now Symantec using Verisign's name under
license saying that it's Wells Fargo.  Channelling one's grandmother,
what should she do now?

R's,
John

