Amanda Walker criticizes SSL because it is irrelevant to the threat that people are likely to be concerned about.
SSL is a mechanism whereby a client and a server can establish a secure, authenticated transport channel. The problem is that this isn't what I want to secure and authenticate. [...] I want the *documents* I'm accessing to be secure and/or authenticated. I want my HTML documents signed and certified by the *author*, not the server. I couldn't care less about the server if I can verify that I've got the right document in response to my query. Similarly, if I send the contents of a form containing, say, my Amex number, I want to encrypt the session key with the public key of the merchant, not the service provider.
This is what I (and many others) mean by an "end to end security model."
This seems a very relevant criticism: Has Amanda, or anyone else, proposed an extension to HTML that would incorporate such things? For example:

<ENCRYPT ALG=soandso PUBLICKEY=87hfkjjhfd98uyeuihdhiucschhuichcxzcxhjcxjlcx fkfdhfhjdhjkvcccv3454DFFl l79*79 y978yy98gk gkghgksdghsdkghasdsak>
Encrypted and possibly signed material.
</ENCRYPT ALG=soandso SIG=3489347893uisdjhkfdy897r4hf893r4hjf>

(with any special HTML characters, such as '<' and '>', being escaped in the ASCII-armored bitstreams.)

Or did the standards groups that Netscape has been ignoring not bother to discuss such matters?

--
---------------------------------------------------------------------
We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state.

James A. Donald
jamesd@netcom.com
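
The form case Amanda Walker describes above (a session key encrypted to the merchant's public key, not the service provider's), as an added example that is not part of the original post. It uses Node.js's built-in crypto module; the choice of RSA-OAEP and AES-256-GCM, all function names, and the sample form data are assumptions made here.

```javascript
// Added example (constructed data; not from the original post).
const crypto = require("node:crypto");

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };

// Each party holds its own RSA key pair; only the public halves are shared.
function makeKeyPair() {
  return crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
}

// Browser side: encrypt the form under a fresh session key, then wrap that
// session key with the merchant's public key.
function sealForm(merchantPublicKey, formText) {
  const sessionKey = crypto.randomBytes(32);
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv("aes-256-gcm", sessionKey, iv);
  const body = Buffer.concat([cipher.update(formText, "utf8"), cipher.final()]);
  const wrappedKey = crypto.publicEncrypt({ key: merchantPublicKey, ...OAEP }, sessionKey);
  return { wrappedKey, iv, body, tag: cipher.getAuthTag() };
}

// Key holder side: unwrap the session key, then decrypt and check the GCM tag.
function openForm(privateKey, envelope) {
  const sessionKey = crypto.privateDecrypt({ key: privateKey, ...OAEP }, envelope.wrappedKey);
  const decipher = crypto.createDecipheriv("aes-256-gcm", sessionKey, envelope.iv);
  decipher.setAuthTag(envelope.tag);
  return Buffer.concat([decipher.update(envelope.body), decipher.final()]).toString("utf8");
}

// Returns the plaintext, or null when unwrapping or authentication fails.
function tryOpen(privateKey, envelope) {
  try { return openForm(privateKey, envelope); } catch { return null; }
}

function demo() {
  const merchant = makeKeyPair();
  const provider = makeKeyPair(); // hosts the server and relays the envelope
  const form = "name=Test+User&card=0000-CONSTRUCTED"; // constructed sample
  const envelope = sealForm(merchant.publicKey, form);
  const flipped = { ...envelope, body: Buffer.from(envelope.body) };
  flipped.body[0] ^= 0x01; // one ciphertext bit changed in transit
  return {
    merchantReads: tryOpen(merchant.privateKey, envelope),
    providerReads: tryOpen(provider.privateKey, envelope),
    alteredAccepted: tryOpen(merchant.privateKey, flipped),
  };
}

console.log(demo());
```

The envelope stays unreadable to whoever operates the server, which is the property a transport channel terminated at the service provider does not give.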