[Cryptography] Curating opinion: Re: Anonymous rendezvous
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sun May 9 02:08:47 EDT 2021
Phillip Hallam-Baker <phill at hallambaker.com> writes:
>The WebPKI exists, it is a known quantity. People know what it does and does
>not do.
You need to qualify that a bit, what people who are IT security geeks know
what it does and does not do is quite different to what people who are not IT
security geeks know what it does and does not do. However in both cases the
result is the same, it encourages people to feel safe doing business online.
For security people it's because we're careful about what we do and know about
Reg.E and Reg.Z, for non-security people it's because a certificate is like a
BBB seal and means the site has been checked and verified by the CA as safe
and legitimate, won't infect you with malware, etc (these are all results from
user studies on mental models of certificates).
Peter.
More information about the cryptography
mailing list