Johnathan Nightingale wrote:
[...] I doubt it will surprise you to know that Kyle isn't the first person to throw such stones. What is comparatively rarer is helpful, balanced suggestions for moving forward.[...]
I wish I manage to find the time to make some constructive suggestions about it. Meanwhile it would be great if you were more active on the group here, because I think it's much adequate than blog post (and more visible, so more open, that a bug entry) for such discussion (as long as it doesn't turn into a flame war :-( ).
I appreciate that the recent change in Firefox 3.1 SSL error screen show that you wish to enhance it, but I regret that a good part of the change is in the wrong direction.
The error is that you decided to hid from the user most of the information about what kind of error was encountered.
This is really bad because the *major* problem with the SSL error screen is that at least 90% of the time when the user encounters it, it's a false positive. Nobody is *really* actively trying to attack him.
There will be a problem with SSL error screen as long as 90% of those screen are false positive, but displaying the info about the nature of the problem at least helps the user to figure out why he got the screen so why there was a false positive, so trust the screen more, and not just ignore it the day where it's not a false positive.
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
