Jeremy Morton wrote:
> Nelson B wrote:
> [...]
>> Since the users tend to understand any such indicator as meaning that
>> their traffic cannot be read in the clear except by the intended
>> recipient, we want the indicators to mean exactly that.  That is why
>> we do not propose to offer an indication of encryption without 
>> authentication.
> 
> OK, that's fair enough.  However, from the mockups it looks like when 
> you click on the bit on the left, you get a larger popup showing - 
> separately - the identity of the site (if any), and whether the 
> connection is encrypted.  Are you really saying you'd remove that 
> encrypted bit for HTTPS with self-signed certs?

I don't know what Johnathan plans to do with the "Elaboration Popup"
for self-signed certs.  I would hope it would appear to convey no
stronger a message than that of the "Unknown Site", as shown in
https://bugzilla.mozilla.org/attachment.cgi?id=278112

-- 
Nelson B

_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to