Terrell Larson wrote:
>
> I think the short answer is that the user won't know - this is the practical answer.
> The technical answer is the the user must be
> able to run an app such at MD5 against the browser code that will confirm that the
>browser is legit. But of course the md5 app
> might have been compromised and paranoia reigns supreme. It can be done - a secure
>site can rifle thru the apps in a client's
> machine and authenticate them.
And no-one would dream of using that as a cracking too, right? Somehow,
I don't think this is a viable option.
I'd say the more realistic answer is to run your browser on a platform
you trust, and use free software so you (and others) can check the
source.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
