Recently, the Shmoo Group discovered that Firefox is vulnerable to precisely the exploit that i predicted in my 2002 paper—Ping

➡

The central point of my essay on the petname toolbar is that phishing is the result of name conflation.—Tyler

➡

So how, in this system, does the user come to trust Paypal (as opposed to someone pretending to be Paypal)?—Ben

➡

If I’m understanding the discussion so far, I think the answer is that the issue of trust is separate from the issue of identity.—Jed

➡

Indeed, but I am no closer to understanding how the user ever gets to a state where they can do anything useful.—Ben

➡

I gave some examples in my next message on this topic. Perhaps you could address them.—Jed

➡

I agree it solves the problem of confusable URLs.—Ben

➡

What don’t you believe is practical?—Jed

➡

The physical communication of trust relationships. —Ben