On 7/31/12 6:43 AM, Mike Belshe wrote:
>
> Part of the reason it is hard is because we haven't built the tools we
> need. Why haven't we built better tools? Because its too easy to opt
> out.
Or too hard to opt in.
>
> If the net were secure by default and offered no option to amateur
> blokes like us, we'd soon have a one-liner command line mechanism to
> request/sign/issue/install our server certs and we'dl all be laughing
> about how we used to say it was "hard".
I look forward to that day. But it is not today, and your use of the
term "secure" is loose. It is possible to make things worse by
attempting to make things more "secure". Forcing the users to ignore an
indication that works *somewhat* would make things worse.
Eliot