Re: Trusted sites bank
From: Richard Urban (richardurbanREMOVETHIS_at_hotmail.com)
Date: Sat, 23 Oct 2004 11:34:47 -0400
When push come to shove, it is entirely up to you to decide what are trusted
sites. No one can do it for you.
-- Regards: Richard Urban aka Crusty (-: Old B@stard :-) "Alex P" <email@example.com> wrote in message news:eSozozIuEHA.1472@TK2MSFTNGP10.phx.gbl... > > "Robert Moir" <firstname.lastname@example.org> wrote in message > news:OqVyu$HuEHA.820@TK2MSFTNGP12.phx.gbl... >> Alex P wrote: >> > How about root certificates ? >> > Windows is able to maintain the list updating it. >> > Why not maintain list of trusted sites ? >> >> One reason - What exactly is a "trusted" site? Who can decide what sites > you >> can and can not trust if you are not prepared to figure it out youself? > What >> you trust may not be what I trust, and vice versa. >> >> I've got my work intranet and various testbeds for websites i'm playing >> around with myself in my trusted sites list. Do you trust *my* intranet? > Do >> you really like the idea of things that I'm "playing about with" in your >> trusted sites list? Didn't think so. >> >> You add your bank to your list of trusted sites. Well thats up to you. >> But >> guess what, I bank somewhere else, so if you publish a list of "trusted >> sites" then your "trusted" sites list is not only going to miss a site I >> need, because it doesn't have *my* bank on it, its also subjecting me to >> a >> risk by exposing me to *your* bank, which I don't bank with and hence > don't >> need to take a risk on trusting. > > True, but what if this is the bank of Microsoft built by a group of site > testers working for Microsoft ? > Or bank maintained by some organization like spam blacklists. > Would you trust it ? > I would. > This bank would not include any sites people complain about. > This bank would not include any sites that know to put spy on your > computer. > World society would improve this bank and reuse it. > >