Transparency in how you secure your shit is basic diligence, then the user trusts that that is accurate and properly implemented. I'd never use a service that didn't do that; just as I have a firefox addon (CipherFox) that shows what cipher a site is on, so if I see, for example, RC4, I know it's secure in name only.
Exactly.
Transparency in how you secure your shit is basic diligence, then the user trusts that that is accurate and properly implemented. I'd never use a service that didn't do that; just as I have a firefox addon (CipherFox) that shows what cipher a site is on, so if I see, for example, RC4, I know it's secure in name only.