Re: IDNA and security
* Michael Stone:
> On Tue, Feb 08, 2005 at 10:29:43PM +0100, Florian Weimer wrote:
>>IMHO, the whole underlying idea that you can use a name to tell if a
>>site is trustworthy is flawed. The net just doesn't work this way.
> Yes it does. Ecommerce security is founded on the idea that if the
> little padlock is lit up you're secure. That little padlock is based
> on the name.
Uh-oh. No. It appears if someone has paid a few bucks to someone
else. This has got nothing to do with names, they are not verified by
(I wouldn't object to removing USERTRUST from our root CA lists,