[cap-talk] Webkeys vs. the web

Raoul Duke raould at gmail.com
Mon Mar 23 14:40:46 EDT 2009


> You can always use the "Remember me on this computer (don't use for a public computer)" check box to let the user decide.

it worries me a little that whatever security advantages there are
from implementing some capability system can be undermined by using
lamer security systems as well e.g. the user has to log in to their
machine + then is automatically remembered; maybe their login password
is really lame.

while i don't really think the cap implementation has to solve the
problem of bad user login passwords, i wonder what people's thoughts /
opinions are on this 'issue' -- is it seen as a total non-issue?

thanks.


More information about the cap-talk mailing list