RE: [LINK] DigiCerf?

From: Chirgwin, Richard (Richard.Chirgwin@informa.com.au)
Date: Wed Aug 01 2001 - 09:04:45 EST

Next message: Roger Clarke: "[LINK] Passport, Hailstorm and Related Enemies"
Previous message: Rick Welykochy: "Re: [LINK] DigiCerf?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Stephen,

You don't have to be brainless to find certificates a pain in the
proverbial.

The certification industry is out there saying "certificates are the only
solution to e-commerce". They're one solution to one problem - but IMHO
they're not a solution to the consumer's problem. Not just because they're
"hard", but that's one part of the issue.

For eg: we've seen several instances of major companies forgetting to renew
a certificate, so that users get a browser message saying "This Certificate
Has Expired. Continue?" - now, you don't have to be a dummy to be confused
by a security message telling you your bank might be insecure. My point: if
major companies aren't 100% across certificates, is it reasonable to expect
every individual to be?

-----Original Message-----
From: Stephen Loosley [mailto:stephen@melbpc.org.au]
Sent: Tuesday, 31 July 2001 22:56
To: link@www.anu.edu.au
Subject: Re: [LINK] DigiCerf?

Hi Rick and all ..

At 09:25 AM 30/07/2001, Rick Welykochy wrote:

>> DigiCerf are offering digital certificates .. Link opinions?
>
> It is beyond the capabilities of most (99%) of desktop computer
> users to do the following to guarantee security of their own digital
> certificates: (a) secure their machine from attack (b) install and
> manage their certificate in a secure manner (c) keep a secure
> backup/offsite copy of their private key (d) select and use a 'good'
> passphrase to protect their key Cheers RickW

So Link opinion (2 x on and 3 x off-list) regarding DigiCerf appears
divided. Although yours Rick seems quite strongly felt & expressed.

As one whom finds it necessary to run their notebook as a server (in
order to develop .asp pages) forgetfully leaving file-sharing 'open' for
30 hours (4 hours of which on-line) and experiencing a stealth-attack
in that 4 hour window, one must agree about security of "home" PCs.

However, your pessimism regarding possible e-commerce solutions
such as those forms which DigiCerf may encourage wouldn't appear
all that helpful, imho. If the DigiCerf solution is not to your liking what
with your opinion of the average PC punter as brainless, do you have
another suggestion for encouraging on-line commerce? For example
what about <www.thawte.com/getinfo/programs/wot/contents.html>?

Surely there must be a way link etc can advance e-commerce and the
Internet with reasonable hopes for security for average home punters?

Cheers, Rick :-)
Stephen Loosley
http://stephen.ws

Next message: Roger Clarke: "[LINK] Passport, Hailstorm and Related Enemies"
Previous message: Rick Welykochy: "Re: [LINK] DigiCerf?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.1 : Fri Aug 31 2001 - 03:10:02 EST