“Well, the previous column really stirred up some
controversy, which isn’t surprising. Most of the responses that
were of the “you are wrong” variety seemed to have misunderstood
what I was trying to say. This is somewhat my fault, as I could
have been more clear, but it is more a problem of perception I
think.“
“SSL itself is an ok protocol. It is used to verify the identity
of the server to the client, and optionally the server can have the
client prove their identity. Where it fails miserably is in it’s
reliance on the user to spot something wrong.”