* Michael Stone: > On Tue, Feb 08, 2005 at 10:29:43PM +0100, Florian Weimer wrote: >>IMHO, the whole underlying idea that you can use a name to tell if a >>site is trustworthy is flawed. The net just doesn't work this way. > > Yes it does. Ecommerce security is founded on the idea that if the > little padlock is lit up you're secure. That little padlock is based > on the name.
Uh-oh. No. It appears if someone has paid a few bucks to someone else. This has got nothing to do with names, they are not verified by most CAs. (I wouldn't object to removing USERTRUST from our root CA lists, though.) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
