Archive for June, 2006

Certificate Authorities and Accountability

Monday, June 19th, 2006

Phillip Hallam-Baker, Chief Scientist at VeriSign, just gave a talk in which, among other things, he stressed the importance of accountability by certificate authorities.  The argument is that users should see not only the logo and name of the sites they’re dealing with, but also the logo and name of the certificate issuer, so [...]

That’s why we have three of them!

Monday, June 19th, 2006

I’m at Stanford today attending a workshop on Trustworthy Interfaces for Passwords and Personal Information.  We’ve been looking at lots of examples of how fradulent websites try to steal your passwords, credit card numbers, and other juicy stuff.
George Staikos has just been showing us how the security indicators are inconsistent across various browsers — [...]