Anders Rundgren wrote:
> It appears that the word "branding" in a PKI GUI sent
> some bad vibes around but it is really about switching from
> unintelligible textual data such as
>
> CN=John Smith, serialNumber=554544
>
> to a card metaphor like you already use in the physical world;
> not about annoying the user with Vista-like security pop-ups
> that only security experts understand. Something along the
> following lines http://informationcard.net is needed.
>
> Some people have "solved" this issue by making the PIN
> dialog branded but that is usually done by assuming that
> each card issuer has its own proprietary driver.

Sure, the UI for choosing the client cert could be improved, e.g. just by displaying more informational attributes from the cert and the PKI properly filling these attributes.

But I'm strictly against any service-specific branding in the GUI of a PKI client. It should always look the same no matter which service is accessed. Otherwise a user cannot learn how to do the right thing in general. And experience shows that designers do not have any technical understanding and will tend to overwhelm the user with dancing logos drawing the user's attention from the really important UI elements.

I suspect that people asking for branding are also talking about sending something to the client which is then dynamically integrated into the UI (see the new hype AJAX). Given that even most banks do not get their simple web sites right to really prevent CSS attacks, I'm strictly against such things.

I'm scared that users are tricked. Period.

Ciao, Michael.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto