On 12/10/2012 12:41 PM, Steve Atkins wrote:
On Dec 10, 2012, at 12:24 PM, Paul Smith <paul(_at_)pscs(_dot_)co(_dot_)uk>
wrote:
Remember, the idea wasn't to have a 'global' list of 'good
domains', but ones which the *user* has whitelisted, so the user
recognises them.
If it's user managed - rather than managed by a third party that
actually keeps track of who is a bank and who isn't - I'd guess it'd
just lead to meta-phishing, where the goal is to get the user to add
a link to their whitelist, rather than having them click on a link.
Fair point. that's probably why an independent list, such as
Bitdefender seems to use, is probably the right approach. I could
imagine, however, some possible benefit in keeping track of which
entries in the list a particular user tends to go to. Such as one or a
few banks versus others.
On 12/10/2012 12:48 PM, Martijn Grooten wrote:
Again, there are a lot of web filters already out there. Can someone
explain either why the problem we're trying to solve here is
different than the one they attempt to solve or, if it isn't, why our
solution will be better?
I'm not sure it is 'different' but possibly 'in addition'. I'm
suggesting integration with the MUA. And to be clear, I'm not clear
about the details. I'm merely offering a very basic idea. The precise
details, nevermind determining actual efficacy, would be TBD.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg