On 29-Jan-09, at 8:29 AM, Ian G wrote:
On 29/1/09 13:31, Jean-Marc Desperrier wrote:
Gerv, what about changing the Firefox SSL page/implementation so
that in
that situation, for those 99% of the market, it gives the most
informative information, non scary, non blocking possible ? Even when
there was an error in the configuration ?
And then for the remaining 1% you put a very scary message, that's
impossible to get through for an average user.
I should check what Chrome puts behind the "help me understand" link.
+1, and to Johnathon. I also wanted to point out that the above
page is the sort of into that I'd like to see when Firefox hits a
confusing cert.
I think I'm hearing an RFE to change the cert error page to link to
elaborated information elsewhere (probably on support.mozilla.com, but
maybe on mozilla.com itself) which explains this problem to users,
possibly with a section for site administrators too. I might also be
hearing a request to change the blocking behaviours in those cases.
I'd say the thing to do is file bugs. Firefox::Security should work
as component for both of them, since you're talking about the firefox-
custom about:certerror page. Eventually we'll probably need a related
bug to create the appropriate web content for the former, but first we
should iron out the details of what's being described. Neither change
would make 3.1 since we're past string-freeze and about to release our
last beta, and these are changes that should have beta exposure, but
3.2 planning is already beginning.
Cheers,
Johnathan
---
Johnathan Nightingale
Human Shield
john...@mozilla.com
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
