Re: Trusted sites bank

From: Richard Urban (richardurbanREMOVETHIS_at_hotmail.com)
Date: 10/23/04


Date: Sat, 23 Oct 2004 11:34:47 -0400

When push come to shove, it is entirely up to you to decide what are trusted
sites. No one can do it for you.

-- 
Regards:
Richard Urban
aka  Crusty (-: Old B@stard :-)
"Alex P" <5334@emailias.com> wrote in message 
news:eSozozIuEHA.1472@TK2MSFTNGP10.phx.gbl...
>
> "Robert Moir" <bofh@mvps.org> wrote in message
> news:OqVyu$HuEHA.820@TK2MSFTNGP12.phx.gbl...
>> Alex P wrote:
>> > How about root certificates ?
>> > Windows is able to maintain the list updating it.
>> > Why not maintain list of trusted sites ?
>>
>> One reason - What exactly is a "trusted" site? Who can decide what sites
> you
>> can and can not trust if you are not prepared to figure it out youself?
> What
>> you trust may not be what I trust, and vice versa.
>>
>> I've got my work intranet and various testbeds for websites i'm playing
>> around with myself in my trusted sites list. Do you trust *my* intranet?
> Do
>> you really like the idea of things that I'm "playing about with" in your
>> trusted sites list? Didn't think so.
>>
>> You add your bank to your list of trusted sites. Well thats up to you. 
>> But
>> guess what, I bank somewhere else, so if you publish a list of "trusted
>> sites" then your "trusted" sites list is not only going to miss a site I
>> need, because it doesn't have *my* bank on it, its also subjecting me to 
>> a
>> risk by exposing me to *your* bank, which I don't bank with and hence
> don't
>> need to take a risk on trusting.
>
> True, but what if this is the bank of Microsoft built by a group of site
> testers working for Microsoft ?
> Or bank maintained by some organization like spam blacklists.
> Would you trust it ?
> I would.
> This bank would not include any sites people complain about.
> This bank would not include any sites that know to put spy on your 
> computer.
> World society would improve this bank and reuse it.
>
>