[AUUG-Talk]: What's a padlock worth?
Miles Goodhew
mgoodhew at internode.on.net
Fri Jan 7 08:35:51 EST 2005
David Bullock wrote:
> Hi folks,
...
> The questions is - leaving aside the claim made by option A
> - does option A or B provide any more actual protection
> against the consumer trusting a fraudulent site than option
> C? Given that users don't generally look at their certificates
> (other than to notice the state of the 'golden padlock'), can
> we safely say that the value of the golden padlock is *only*
> in respect of security of data-transmission?
Well, I think you already know the answer to that one. However I think
you overstate what John Q. Public infers from the presence of the
padlock. I'd say it's most often associated with protection from
malicious 3rd-party eavesdroppers ("Hackers can't steal my credit-card
number when the padlock's there"). The average non-computer user either
trusts all online vendors or none.
> And if we can say that, whom is the cheapest .au-friendly
> certificate provider which has a good presence on the default
> certificate-provider lists shipped with most browsers?
No idea - I don't go about setting-up websites that need certification
very much. However the rebellious ratbag inside me would urge only
considering those providers with certificates in Firefox 1.0+. The
commercial realist in me concedes that IE still has at _least_ a year of
life left in it.
Moles.
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.0.300 / Virus Database: 265.6.8 - Release Date: 3/01/2005
More information about the Talk
mailing list