- From: Thomas Roessler <tlr@w3.org>
- Date: Thu, 26 Apr 2007 11:35:11 +0200
- To: michael.mccormick@wellsfargo.com
- Cc: ses@ll.mit.edu, public-wsc-wg@w3.org, kjell.rydjer@swedbank.se, steve@shinkuro.com, public-usable-authentication@w3.org
(CC to the public comment list, since some folks who aren't on the WG are copied on this conversation.) On 2007-04-13 13:33:25 -0500, michael.mccormick@wellsfargo.com wrote: > I still think DNSSEC will be more valuable if it's visible to the > end user. True, most won't care. But some will, especially if > it can be presented in an intuitive and jargon-free fashion in > the UI. So, a user encounters a DNSSEC indicator. That means that they got the mapping from the domain name to the IP address securely. It doesn't tell them *anything* about the security of the conversation that goes on on higher protocol levels. On the other hand, if TLS is in place, the security of the connection doesn't really depend on DNSSEC, so the presence or absence of that indicator wouldn't provide any particularly useful information. Maybe one of you guys could enlighten me what user decision such an indicator would reasonably support? Thanks, -- Thomas Roessler, W3C <tlr@w3.org>
Received on Thursday, 26 April 2007 09:35:19 UTC