Open versus closed PKI systems

Nicholas Bohm nbohm at ernest.net
Thu, 17 May 2001 17:10:44 +0100


At 16:42 17/05/2001 +0100, Ian BROWN wrote:
>>If businesses find it makes
>>no difference whether they offer certificates or not, presumably they will
>>cease to bother.
>
>Unfortunately, browsers make it rather awkward for the average consumer to 
>connect securely to a site that doesn't have one from an organisation in their
>certificate cache. For that reason alone, I suspect most firms will continue 
>paying a few hundred dollars a year to stop their users having to click 
>through 5 or 6 incomprehensible "do you want to accept this certificate" 
>dialog boxes :(

True.  I should have said "If businesses find it makes no difference
whether they offer "secure" sites or not, presumably they will cease to
bother.", which is what I had in mind.

By now the cognoscenti know that if others get hold of their credit card
details (and interception of the session is far from the most likely
source), the resulting risk is to merchants, not customers.

Regards

Nicholas

Salkyns, Great Canfield,
Takeley, Bishop’s Stortford CM22 6SX, UK

Phone	01279 871272	(+44 1279 871272)
Fax	01279 870215	(+44 1279 870215)
Mobile	07715 419728 (+44 7715 419728)

PGP RSA 1024 bit public key ID: 0x08340015.  Fingerprint:
9E 15 FB 2A 54 96 24 37  98 A2 E0 D1 34 13 48 07
PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF.  Fingerprint:
5248 1320 B42E 84FC 1E8B  A9E6 0912 AE66 899D D7FF