View Full Version: RE: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name



Tosoni
18/02/05, 01:45
Well, comparison with the NIC handle may be helpful... Here is my experiment about it:

I know of a guy who can be considered as a modern "average" user of NIC handles (since the overdevelopment of domains).

This guy keeps creating a new NIC handle for him each time he creates a domain for his company. And he creates many. So:

1) an average user does not understand NIC handles more than he understands CA. You (in your example) and I are not average users I believe.

2) Sounds like 90% of the NIC handles are unused/unneeded altogether. So maybe there is still 561 real NIC handle users on the place...

Back to the original problem, shouldn't the browser check that the domain name sought by the user is only composed from existing keys on the user's keyboard, and alert the user otherwise?

Regards
JPT

----------
From: Thor (Hammer of God) [SMTP:thor@hammerofgod.com]
<snip>
>
> I know quite a number of average users and know of absolutely 0 who would
> be aware of this.

The number of people that you know (or who I know) that are aware of the uses for client certificates is not what drives commercial certificate authority business models. The simple fact of the matter is that user-level certificates are an important part of the commercial certificate authority plan, and becoming more and more so as your "average" users become aware of certificate applications.

When I got my NIC handle untold years ago, only 561 other humans had one. Your logic would preclude getting one in the first place, since no one knew they existed at the time. When SSL certs were first being created commercially, how many server operators did you know that had one? How many do you know now? It's the same thing with client certs, and the logic stands that certificate applications apply to them as well; particularly in regard to the business and marketing models various certificate authorities are running their business by. That was the point.
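
The keyboard check proposed at the top of this post, sketched as an added example (not code from the thread or from any browser). It assumes the hostname is given in its Unicode form; the function names and the per-layout character sets `US_KEYBOARD` and `FR_KEYBOARD` are hypothetical.

```javascript
// Added example. The keyboard sets below are assumptions for illustration,
// not real layout data from any operating system or browser.
const US_KEYBOARD = new Set("abcdefghijklmnopqrstuvwxyz0123456789-");
const FR_KEYBOARD = new Set([...US_KEYBOARD, ..."\u00e9\u00e8\u00e0\u00f9\u00e7"]);

// Return one finding per character (or Punycode label) that the user could
// not have typed directly on the given keyboard.
function offKeyboardChars(hostname, keyboard) {
  const findings = [];
  // NFC so that "e" + combining accent compares equal to the precomposed letter.
  const labels = hostname.normalize("NFC").toLowerCase().split(".");
  for (const label of labels) {
    if (label.startsWith("xn--")) {
      // ASCII-encoded IDN label: typeable, but it hides non-ASCII characters,
      // so it must be decoded before this check means anything.
      findings.push({ label, reason: "punycode-label" });
      continue;
    }
    for (const ch of label) { // iterates by code point, not UTF-16 unit
      if (!keyboard.has(ch)) {
        const hex = ch.codePointAt(0).toString(16).toUpperCase().padStart(4, "0");
        findings.push({ label, reason: "off-keyboard", char: ch, codePoint: "U+" + hex });
      }
    }
  }
  return findings;
}

function shouldAlert(hostname, keyboard) {
  return offKeyboardChars(hostname, keyboard).length > 0;
}

// Constructed sample hostnames; the second contains CYRILLIC SMALL LETTER A.
const SAMPLES = ["example.com", "ex\u0430mple.com", "cafe\u0301.example", "xn--e1afmkfd.example"];
for (const host of SAMPLES) {
  console.log(JSON.stringify(host), "US:", shouldAlert(host, US_KEYBOARD), "FR:", shouldAlert(host, FR_KEYBOARD));
}
```

The check is relative to the layout it is given: a user whose keyboard set includes Cyrillic letters gets no alert for the second sample.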