Good question!
On 3/1/09 06:43, Kyle Hamilton wrote:
> The only thing that we can do is make sure that the user has as much
> (relevant) information as possible.
So what is the relevant info?
My list of relevant info:
* the name of the CA [1]
* the name that the CA signs
* the previous acceptance status of the cert
  (e.g., number of visits <==> petnames)
* the absence of the above
  (e.g., we are in OFF mode)
My list of irrelevant info:
* the cert details
* the warnings
* the clicks
* the status of the connection (e.g., padlock)
All these are too complex for users.
Others are encouraged to comment :)
> We can use our own experiences to
> identify what information is most relevant. We can even ask CPAs and
> attorneys (hello, Mozilla general counsel) what information is
> relevant, after providing them the list of information that is
> compiled. And we can ask users to help figure out how the information
> should be presented.
Sure! This is a research programme that Mozilla could fund, and likely
the security people would be happy to undertake. I would propose the
following groups:
* the security UI people
* the legal / class action people
* the finance people
...
> What we can do -- and all we can do -- is provide relevant information
> that the user can use to make her own decision. What we can't do is
> protect the user from the consequences of his own stupidity.
> Arguably, we shouldn't even try.
This question turns on whether you want light grade security or high
grade security. If you want high grade security, you should follow the
learnings of the security world. That means:
* all threats must be validated, not imagined
* no absolutes exist
* we need a steady stream of failures to inform us
* the user must be part of the system
* the system must be very simple
* we are part of the system
iang
[1] Disclosure + reminder: this "position" of the CA's name
substantially predates my current work with CAs.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto