[AUUG-Talk]: What's a padlock worth?

Miles Goodhew mgoodhew at internode.on.net
Fri Jan 7 08:35:51 EST 2005


David Bullock wrote:
> Hi folks,
...
> The questions is - leaving aside the claim made by option A
> - does option A or B provide any more actual protection
> against the consumer trusting a fraudulent site than option
> C?  Given that users don't generally look at their certificates
> (other than to notice the state of the 'golden padlock'), can
> we safely say that the value of the golden padlock is *only*
> in respect of security of data-transmission?

	Well, I think you already know the answer to that one. However I think 
you overstate what John Q. Public infers from the presence of the 
padlock. I'd say it's most often associated with protection from 
malicious 3rd-party eavesdroppers ("Hackers can't steal my credit-card 
number when the padlock's there"). The average non-computer user either 
trusts all online vendors or none.

> And if we can say that, whom is the cheapest .au-friendly
> certificate provider which has a good presence on the default
> certificate-provider lists shipped with most browsers?

	No idea - I don't go about setting-up websites that need certification 
very much. However the rebellious ratbag inside me would urge only 
considering those providers with certificates in Firefox 1.0+. The 
commercial realist in me concedes that IE still has at _least_ a year of 
life left in it.

Moles.


-- 
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 265.6.8 - Release Date: 3/01/2005




More information about the Talk mailing list