I am a user.  I am worried about MITM attacks.

Unlike most users, I'm technically and legally savvy enough to know:
1) Why to perform my due diligence
2) How to perform my due diligence
3) How to add the root into my store

However, I have additional problems that I can't deal with through
the standard Mozilla user interface (or any browser that I have access
to's interface, realistically).

For example, I cannot easily see who issued a given certificate, or
what root it chains up to.  I cannot apply an attribute to a root
certificate saying "not a financial-services certification authority".
I cannot see details about the chain without having to go through
multiple difficult-to-get-to windows.

If it wasn't already obvious from the past five years that I've been
on this list, I resent the way that Mozilla's developers have chosen
to make it continually more difficult for me to do what I need to do
to ensure my own security, by concealing more and more information
(there was the "blue site name" bar, which was disabled by default in
FF3, which provides one-click access to the information I need --
whereas the lock icon at the bottom requires a double-click).

Further, I resent the fact that there's a "this web site does not
supply identity information" line.  THAT IS WHERE I NEED THE SUBJECT
TO BE PRINTED.  I honestly don't care one whit that it's not an EV
certificate.  I need the Subject, because I need to see at one glance
if it's a "Domain Control Verified" certificate, not have to
double-click the lock and then click "View Certificate".  If you want
to point out that this is not extended-validation, that's fine -- but
for the sake of the users, don't try to "protect" them from
"unverified information".

It is my unshakable belief that if a user EVER has to examine the
certificate itself, or go into the interface to do so, the goal of the
user interface (which is to provide information) has failed.  This is
NOT, however, a statement that the ability to view the certificate
should be removed!  (Especially given Mozilla's track record at
creating useful user interfaces for certificate data presentation --
every time they've done something right, they've gone back two
revisions later, declared it "useless", removed it, and put in
something even more wrong.)

I believe that CA branding on the UI is necessary, so that the user
can do the due diligence which Mozilla is arguably NOT doing on the
user's behalf, no matter that Mozilla appears to claim that they are
by requiring audits to WebTrust criteria as a prerequisite to joining
the "big CAs club" of Mozilla's trust list.

-Kyle H

On Sat, Dec 27, 2008 at 11:26 AM, Ian G <i...@iang.org> wrote:
> On 27/12/08 20:01, Eddy Nigg wrote:
>>
>> On 12/27/2008 05:38 PM, Florian Weimer:
>>>>
>>>> Isn't that, by itself, a very good reason to take immediate action?
>>>> Security should be default-fail rather than default-pass.
>>>
>>> This is not about security, this is about the presence or absence of
>>> an obscure browser warning.
>>
>> Huuu? Have you understood the issue at all? I'm not sure...however it's
>> not about browser warnings. This is about security proper. Or how else
>> would you explain an MITM attack?
>
>
> Security proper is about risks and threats and costs for end-users.  Ask
> them whether they are worried about an MITM attack :)
>
> Anyway, old debate, not going to be solved today.
>
> iang
> _______________________________________________
> dev-tech-crypto mailing list
> dev-tech-crypto@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-tech-crypto
>