On 03/27/2009 01:46 AM, Ian G:
The original idea was how to improve Thunderbird's existing abilities
to work with crypto and deliver security.
Could you define security please?
...as such, Mozilla goes a step fuhrer and tells you correctly "hey, we
can't know if you are connecting to the site you intend to connect to
and we recommend not to connect to the site...it might be somebody
different really".
It doesn't need to say that. Emails are already that way. If it were
to say it, then it would be complicating its own liability position.
S/MIME certificates are at least email control validated, everything
else doesn't make much sense I think. The MITM can happen there too, as
with the web. So what would be the point to encrypt in first place?
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: start...@startcom.org
Blog: https://blog.startcom.org
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
