Talk:Public key certificate
From Wikipedia, the free encyclopedia
"...a public key certificate (or identity certificate) is a certificate..."
Isn't that a bit like saying, "A roundle blomfin is a blomfin..."
If you don't know what a 'blomfin' is, then the explanation of what a 'roundle blomfin' is won't get you very far.
81.187.233.162 15:18, 27 April 2007 (UTC)
- Good point. I tried to clarify.--agr 16:18, 27 April 2007 (UTC)
- If you link to "blomfin" in the sentence, though, the user can get that information if they do not need it. That way, the information is not duplicated. Should we describe what a certficate is on a page other than "certificate"? Dprust 17:54, 11 May 2007 (UTC)
I removed this section because it has the look and feel of a shameless plug coupled with being-written-in-five-seconds-ism. In particular, notice the lowercase "i" in the quoted text:
[edit] Removed from criticism =
Public key certificates are often used for web server identification (eg. https protocol). Usually people don't understand the security model of public key certificates and neglect to read the alert information. This would result eg. in phishing attacks, when the phishing site's certificate was issued by an untrusted CA, the user click on the "go on, i want to use the application" button, and at the end the user trusts the phishing site, because "he/she can see the security lock in the bottom of the browser". There are a lot of other critics for PKI by Peter Gutmann.
I figured it was best to move it to the discussion page for, well, discussion. =) As is, it's pretty bad. Change it or lose it? --69.233.2.125 05:16, 28 September 2007 (UTC)
