The problem with ActiveX (as implemented by IE) is simple:
Users decide who they trust
Users are _not_ qualified to make those decisions. I know of very few
traders who, when offered a XXX strip-poker ActiveX gizmo, won't click
accept. And, as I understand it, once they've accepted one (possibly
innocuous) ActiveX control from a site, they will no longer be prompted for
confirmation. So, what happens if the site is malicious? Or, in a faw worse
case, their private key material is compromised? Microsoft has provided no
key revocation mechanism. So even if I discover that Microsoft (just as an
example of a "trusted" signature) has been compromised, there is no way to
protect my users from bogus code.
I don't know which is worse, ignoring security completely, or giving users
broken security as a pacifier.
Carson Gaspar -- carson @
edu carson @
<This is the boring business .sig - no outre sayings here>