- From: Dick Hardt <dick@sxip.com>
- Date: Mon, 17 Apr 2006 16:26:28 -0700
- To: Thomas Roessler <tlr@w3.org>
- Cc: Jeffrey Altman <jaltman@secure-endpoints.com>, public-usable-authentication@w3.org
> On 2006-04-14 10:36:46 -0400, Jeffrey Altman wrote: >> ... >> While displaying logos may appear to be a good thing in the short >> term, >> I am skeptical of the long term security benefits. Graphics are proven to communicate more clearly than text to users. Well recognized brands are well recognized because they are seen often. since this is where most users go, this is the target of phishers. The issue is the process for the User Agent to determine that the graphic really does belong to the owner of the site. Secure Chrome is needed so that the user knows the graphic does belong. The CA process for asserting the graphic belongs to the site needs to be much better then the current one(s). -- Dick
Received on Tuesday, 18 April 2006 02:26:45 UTC