security
James A. Donald
jamesd at echeque.com
Mon Oct 23 11:38:23 UTC 2006
Dick Hardt wrote:
> > > This is like saying that all websites should use
> > > SSL and we should stop allowing HTTP because it is
> > > insecure. Where would the web be if all sites had
> > > to run SSL to start off with?
James A. Donald:
> > Well for one thing we would not now have a massive
> > phishing crisis.
Dick Hardt
> Uh, pretty much all sites targeted by phishing are
> running SSL.
The phishing sites are seldom running SSL. If all sites
*had* to run SSL, this would make phishing substantially
more difficult.
More information about the general
mailing list