Re: comprehensive TLS is not the solution, it's a bug ... (was 2 questions)

On 31.03.2015 13:21, Amos Jeffries wrote:
> On 31/03/2015 10:12 p.m., Walter H. wrote:
>> On Tue, March 31, 2015 11:02, Amos Jeffries wrote:
>>>> just look at this screens-shot
>>>> (this was made at - I'm Austrian and this is a
>>>> internet shop, but ... - my proxy blocks advertising in a very agressive
>>>> way)
>>> Er, I feel obliged to say "please upgrade" to this.
>> have you understood the real message of this?
> I hope so.
I don't think so ...
> There are many interpretations though and you did not post it
> in reply to a statement by me.
No, there is definitely only one interpretation, you got a wrong one ... 
your "please update" is totally nonsense in this context;

as the garbage collection isn't escorted by police, there is no need of 
TLS everywhere;
just as much as really needed;

this screenshot  shows totally different content as supposed to be shown 
in connection with the URL presented in the address bar of the browser;
the same it would be with TLS.
but exactly this was the reason for  Dan Anderson

he wrote: "But I think I would still care about the integrity benefits 
(Am I talking to the site I think I am talking to?, is there a man in 
the middle?, etc.)
I can't think of a case where I would not want this assurance."

this screen shot shows the counter evidence of his requirements of 
comprehensive TLS;


Received on Tuesday, 31 March 2015 18:21:46 UTC