top | item 16496708

(no title)

jis | 8 years ago

Yep. The problem is that most customers cannot judge the level of security offered by a company. So Company "A" says they are "secure," but has a cumbersome process to follow to get a certificate. Company "B" says they are "secure" and has a convenient process. Guess which one gets the business (all else being equal).

In reality Company "B" may well be much less secure then "A", but the customer has no way of knowing that or making a judgement on which company is more secure.

discuss

HelloNurse|8 years ago

On the other hand, a customer who doesn't realize that their private key should never leave their premises has no business asking for a certificate. It's like not selling guns to children.

u801e|8 years ago

While that may be true, that doesn't mean the rest of us shouldn't have the option of using certificate based authentication.