Jeremy Morton wrote: > Nelson B wrote: > [...] >> Since the users tend to understand any such indicator as meaning that >> their traffic cannot be read in the clear except by the intended >> recipient, we want the indicators to mean exactly that. That is why >> we do not propose to offer an indication of encryption without >> authentication. > > OK, that's fair enough. However, from the mockups it looks like when > you click on the bit on the left, you get a larger popup showing - > separately - the identity of the site (if any), and whether the > connection is encrypted. Are you really saying you'd remove that > encrypted bit for HTTPS with self-signed certs?
I don't know what Johnathan plans to do with the "Elaboration Popup" for self-signed certs. I would hope it would appear to convey no stronger a message than that of the "Unknown Site", as shown in https://bugzilla.mozilla.org/attachment.cgi?id=278112 -- Nelson B _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto