Re: International Domain Name [IDN] support in modern browsers allows attackers to spoof domain name URLs + SSL certs.

[Gwendolynn ferch Elydyr <gwen@xxxxxxxxxxxx>]

On Tue, 15 Feb 2005, bkfsec wrote:
> > > The difference between CAs and the BBB is that the BBB is well known and 
> > > highly accountable.  CAs are not necessarily. There is no widely screened 
> > > public discussion or understanding of the function of CAs.  The accepted 
> > > root CAs do their jobs on the browser entirely in the background.  Their 
> > > "seal of approval" is considered implicit by the lack of a message at all.
> >
> > Gwendolynn commented:
> > The BBB is certainly well known, but describing it as highly accountable
> > is certainly inaccurate.  A quick web search will inform you that the
> > BBB has local 'affiliates', and that the quality of these 'affiliates'
> > can vary dramatically from location to location.
> >
> > There's no widely screened public discussion or understanding of the
> > function of the BBB - and their seal of approval certainly appears on
> > sites and businesses they've never heard of.
> >
> > bkfsec retorted:
> Well, I meant more accountable than CAs are.  I still think that that 
> statement is accurate if you take my meaning.

Actually I don't take your meaning.  I'd appreciate it if you could
spell out why you think that one organization paid to provide trust 
is different from another organization paid to provide trust.

cheers!
==========================================================================
"A cat spends her life conflicted between a deep, passionate and profound
desire for fish and an equally deep, passionate and profound desire to
avoid getting wet.  This is the defining metaphor of my life right now."