security
James A. Donald
jamesd at echeque.com
Mon Oct 23 00:05:06 UTC 2006
Dick Hardt wrote:
> This is like saying that all websites should use SSL
> and we should stop allowing HTTP because it is
> insecure. Where would the web be if all sites had to
> run SSL to start off with?
Well for one thing we would not now have a massive
phishing crisis.
And if we had done something similar with email, as DKIM
now attempts to retroactively do, we would not now have
a massive spam crisis either.
SSL was and is specified without adequate concern for
efficiency, but the steady increase in the power of
computers have made this less of a concern.
More information about the general
mailing list