[Top] [All Lists]

Re: [saag] [Cfrg] Further MD5 breaks: Creating a rogue CAcertificate

2009-01-08 10:10:21

On Fri, Jan 09, 2009 at 02:17:44AM +1300, Peter Gutmann wrote:

Conceptually it's not absurd, but how are you going to persuade a
billion-odd users that they need to pay for something that they've
been conditioned to get for free?  Will you promise to indemnify
them against identity theft (via phishing) if they sign up to your
service?  What value-add will you offer that will convince the
drool-and-click masses to pay for your service?

Especially since the market has already come up with a solution that
involves the merchants and the credit card companies bearing the
burden of most fraud losses...

                                                        - Ted