On Fri, 17 Aug 2007 15:50:48 +0200 Iljitsch van Beijnum <iljitsch@xxxxxxxxx> wrote: > > Then again, misspelled fishing would be an order of magnitude harder > if banks and retailers started using S/MIME, which is widely > implemented today, S/MIME would be a fine start. It also won't solve the problem until someone develops a user interface that DTRT for naive users who don't understand trust anchors, the difference between authentication and authorization, or how to distinguish myfinancialcompany.com from myfinancia1company.com when both have valid certificates. --Steve Bellovin, http://www.cs.columbia.edu/~smb _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf