On Sep 9, 2013, at 5:51 PM, Arturo Servin
<arturo(_dot_)servin(_at_)gmail(_dot_)com> wrote:
Because normally with SSL and SSH the complexity is in the server,
not the client. When the client needs to verify the identity of some
site with SSL we have the background browser process to check it (that
in fact it is another weakness in the model).
The UI complexity is in the server for TLS, but not for SSH. And indeed the
way TLS most typically fails is that the UI in many cases fails to communicate
the right information to the user, and fails to do what the user would need in
order to fully protect them.
That said, it is still a very successful protocol, and delivers a lot of value
despite its various UI issues.