Version: 2008
  • On The Insider: Britney's Bikini-Clad Top 10

Comments on: Browsers to get sturdier padlocks

Web industry group aims to lock out phishers with a stronger program to vouch for legitimate e-commerce sites.
Screenshots: Padlocking IE 7

Add a Comment (Log in or register) (14 Comments)
  • prev
  • 1
  • next
It's the users
by SqlserverCode December 12, 2005 8:29 AM PST
You should put padlocks on users since no matter what you do 99% of the time it's the user who clicks on attachments that are clearly a virus


http://otherthingsnow.blogspot.com/
Reply to this comment
What an inane comment
by volterwd December 12, 2005 8:38 AM PST
Thanks for trying to redirect this issue somewhere else and not at all lend any idea to the problem at hand
Ditto the inane comment
by Michael Grogan December 12, 2005 9:33 AM PST
Even if this article had anything to do with viruses, which it doesn't, attachments that contain viruses are seldom, if ever, 'obvious'. The only time you can generally recognize them is when you've been warned beforehand.
RE
by unknown unknown December 12, 2005 12:58 PM PST
From your comment I am entirely sure you understand the purpose of the padlock, the technology behind it, and what they're trying to do. Viruses are different issue, this is concerned with making it harder for phishers etc to spoof a website. Instead of the current system of issuing SSL certificates which are basicly issued on little more the persons or companies word they won't do anything ethically suspect. The new process will make it harder to get certificate because companies who want them will have to prove they deserve one.

It true these certificates can be used to sign downloads, that's not the primary purpose as far as this article goes.
what will be next?
by Steven N December 12, 2005 9:37 AM PST
Ultra high assurance certificates?
Reply to this comment
Wrong impression
by malcolm-d December 12, 2005 10:03 AM PST
Your article called "Browsers to get sturdier padlocks" gives the wrong inpression that IE is leading the way with address bar highlighting. Mozilla Firefox has had this feature for some time. Firefox also displays a dialog that allows the user to view the certificate which IE does not currently do...
Reply to this comment
Incorrect
by bayden December 12, 2005 12:18 PM PST
1> Double-click the lock in IE to see the certificate.
2> Firefox's address bar highlight applies to all SSL certificates, not just enhanced validation certs.
Comodo Pushing Antiquated Verification
by stroletti December 12, 2005 10:36 AM PST
It comes to me as no surprise that Comodo would be behind such a move. They are kind of like the Entertainment Industry. They refuse to change and modernize their Industry to provide the end user with a higher quality product. Instead they insist everyone should curb their business model to fit the needs of Comodo.

I have no problem with an SSL provider verifying the details of someone?s identity prior to issuing a certificate. I also understand that with security comes a certain level of inconvenience. However Comodo uses antiquated methodologies that leave the door open to counterfeiting and put the total burden of proof on the end user. Using facsimile copies of Article of Incorporation is antiquated and only keeps the honest people in line. I can print Articles of Incorporation and fax them all day long. They also don't accommodate for larger entities that have multiple locations for Retail, Technical, Administrative, and Sales office. You then have to send a letter on Company letterhead documenting the addresses. Again I can print and fax those all day.

Comodo needs to stop whining and invest in modern verification techniques to offer a quality solution that is well balanced between security and inconvenience. They also need to invest in tech support. 4 day turn around on customer support issues gives you plenty of opportunity to switch to the competition that usually answers the phone and gives the customer what they want.

Comodo is grasping at strings and playing the emotional security card to keep on offering an inferior product plagued with inconveniences instead of keeping up with the competition and offering quality solutions.
Reply to this comment
VeriSign Employee Attacks Comodo
by BuckyFuller December 13, 2005 8:08 AM PST
It is always fascinating to read about someone attacking another
company as using antiquated verification techniques,
particularly when that person works for their largest competitor,
in this instance, VERISIGN. Comodo, whom I DO NOT WORK FOR,
but whose product we use, is clearly far and away the more
technically superior company which is probably why it is the
fastest growing company in SSL field. We did exhaustive
research before choosing Comodo, and Verisign actually was
fourth on our list of preferences for the very reasons that Steve
Troletti posted. I am not surprised at all that he wrote what he
wrote which is an outright unmitigated lie. Shame on him.
VeriSign Employee Attacks Comodo
by BuckyFuller December 13, 2005 8:09 AM PST
It is always fascinating to read about someone attacking another
company as using antiquated verification techniques,
particularly when that person works for their largest competitor,
in this instance, VERISIGN. Comodo, whom I DO NOT WORK FOR,
but whose product we use, is clearly far and away the more
technically superior company which is probably why it is the
fastest growing company in SSL field. We did exhaustive
research before choosing Comodo, and Verisign actually was
fourth on our list of preferences for the very reasons that Steve
Troletti posted. I am not surprised at all that he wrote what he
wrote which is an outright unmitigated lie. Shame on him.
VeriSign Employee Attacks Comodo
by BuckyFuller December 13, 2005 8:09 AM PST
It is always fascinating to read about someone attacking another
company as using antiquated verification techniques,
particularly when that person works for their largest competitor,
in this instance, VERISIGN. Comodo, whom I DO NOT WORK FOR,
but whose product we use, is clearly far and away the more
technically superior company which is probably why it is the
fastest growing company in SSL field. We did exhaustive
research before choosing Comodo, and Verisign actually was
fourth on our list of preferences for the very reasons that Steve
Troletti posted. I am not surprised at all that he wrote what he
wrote which is an outright unmitigated lie. Shame on him.
View reply
Big Phish ...
by My-Self December 12, 2005 2:15 PM PST
The main goal is to allow Verisign and others to take back the market and counter the trend toward lower cost certificates.
It's a shame browser makers are participating in this scam.
Reply to this comment
RE
by unknown unknown December 12, 2005 3:00 PM PST
I am not sure it's really a scam. If anyone can can get a certificate based on little more than their word and do as they please with impunity the certificates means very little.
(14 Comments)
  • prev
  • 1
  • next
advertisement

Latest tech news headlines

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.

More feeds available in our RSS feed index.

advertisement
News
News site map
Latest headlines
Contact News
News staff
Corrections
CNET blogs
Popular topics
Apple iPhone
Apple iPod
Cell phones
Dell
GPS
LCD TV
CNET sites
CNET Site map
CNET TV
Downloads
News
Reviews
Shopper.com
More information
Newsletters
CNET Mobile
Customer Help Center
RSS
CNET Widgets
About CNET