D&C Lug - Home Page
Devon & Cornwall Linux Users' Group

[ Date Index ][ Thread Index ]
[ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Bad banks



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

andy@xxxxxxxxxxxxxxxxxxxxxx wrote:
> P.J.Weaver@xxxxxxxxxxxx wrote:
>
> HSBC works well too, except for their Business Banking which
requires Window$ because it allows them to implement extra security
> (now there's a contradiction!!!), something to do with
certificates???

Sounds like an excuse for lazy site design, and that is the
problem. If you take your business elsewhere because a site is
MS only, let them know, it is the only way some sites will
realise how much they lose. I've seen some sites claiming that
95% of browsers are IE, but this is just not the case on general
purpose sites that are fully accessible to other browsers.

Curiously certificate issues was the governments claim (well
Microsoft's excuse) for the Government gateway being Microsoft
only originally.

When I looked into that one it turned out that in fact they had
to implement a complicated hack to use certificates because IE
didn't support the relevant standard for certificate based
authentication, and the fudged solution only worked with IE, and
not browsers like Netscape that did implement the relevant standard.

I know of no obvious lack of security features in products like
Mozilla,it will present certificates and negoiate secure
connections nicely if that is your thing.

By and large the standards to do this are built on SSL, X509,
and the like, and since the building blocks are available as
free software most of the free software browsers implement them
(at least if one development team member has ever needed it).
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+Hu6uGFXfHI9FVgYRAjvMAJwIEPf85pEXQLPePx+lB/fNM98JygCdFuya
qtV8pZVx8AOQa4LOXE3Sqw0=
=SYy9
-----END PGP SIGNATURE-----

--
The Mailing List for the Devon & Cornwall LUG
Mail majordomo@xxxxxxxxxxxx with "unsubscribe list" in the
message body to unsubscribe.


Lynx friendly