Saturday, August 20, 2005

How SSL/TLS is broken, socially:
"SSL/TLS works pretty well on the technical side, but on the social side, it’s broken, because so many sites (especially small ones) don’t use it, requiring users to send passwords and other private information in the clear. The problem is trying to do two things at once with a single standard:

authentication of the server’s (and sometimes the client’s) identity; and
encryption of communications."

(Via Quoderat.)

Mozilla and hypocrisy

Right, but what about the experiences that Mozilla chooses to default for users like switching to  Yahoo and making that the default upon ...