On 30.12.2008 23:34, Kyle Hamilton wrote:
> That difference /can/ be communicated to the end-user, unobtrusively.

Sure, but they can't use that information. I just asked a friend whether she knows what VeriSign is - she had never heard of it. If you have no concept of how all that works, no idea what a MITM attack is, how can you make a decent decision?

Besides, the number of colors we can use is limited. ;-)

We'd be happy if people would even check the domain name in the URLbar and the lock icon!

Most people here were surprised to learn that Comodo has 7000 resellers - how is a user supposed to know all the levels of verification, esp. as we seem to find new lows all the time? The problem at hand is that Comodo's RAs under PositiveSSL simply made no verifications at all, although they were *legally required* to do so. How are we supposed to match that to UI? We can't. It's simply a failure of the CA. They get worse and worse and worse. It's *not* a UI problem. We just have to yank them, it's that simple. Then, users don't have to worry.

> I think that separating out the nss team (those who are actually
> passionate about cryptography, and hopefully know about how to use it
> and what its limitations are) from the security team (those who are
> operating from completely and hopelessly useless models and are too
> afraid of "user acceptance" issues to fix them) was probably the most
> short-sighted thing that Mozilla could have done from a security
> standpoint.

I seriously don't know how you arrive at that conclusion, but I can assure you that the security team very much has the interests of users at heart, and most are passionate about it.

In fact, it's because I care about users that I have that option. I don't care much about SSL for myself, I don't trust it anyway (apart from usual bank stuff, which is IMHO and by law the bank's problem, not mine).

Ben
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
