what if...?

Steven Bellovin smb at cs.columbia.edu
Fri Dec 23 03:13:40 UTC 2011


On Dec 22, 2011, at 7:04 PM, Jeroen van Aart wrote:

> Marshall Eubanks wrote:
>> Does your Mom call you up every time she gets a dialog box complaining
>> about an invalid certificate ?
>> If she has been conditioned just to click "OK" when that happens, then
>> she probably can't.
> 
> Everyone I have observed clicks "ok" or "confirm exception" (if I remember the phrase correctly) as soon as possible. Sadly I think only a few security conscious (IT) people will actually think twice and reject it if they don't trust it.
> 
> That to me proves this aspect ssl is somewhat flawed in that regard. But then I am preaching to the choir. :-)


See the definition of "dialog box" at http://www.w3.org/2006/WSC/wiki/Glossary

		--Steve Bellovin, https://www.cs.columbia.edu/~smb








More information about the NANOG mailing list