On 4/2/09 10:49, Kyle Hamilton wrote:
Realistically, the only way to describe this kind of thing to an
end-user is to bring up something -- in a language the user can
understand -- that explains what's going on with the connection. My
current thinking is that this needs to be brought up for all
connections, not just connections that have something wrong with them
-- get users to understand what a "normal" connection to their bank or
Amazon or other e-commerce sites looks like, and inform them of the
problems (and Mozilla's recommendation that they not enter any
privileged information into the site) when something's amiss.
This requires, once again, changes to the chrome.
Oh, yes. It requires active work, experimentation, looking at the
academic literature (briefly) and taking some huge risks ...
Those huge risks will be required for huge lessons, which is why it is
not actually so smart to lobby incessently for or against things like
the 4-click exception we currently have. That didn't work, now we see
it, now we have a huge lesson.
The best work was done a while back within some sort of plugin or
"profiles" framework, where Trustbar and Petnames battled it out with
centralised database approaches like google's or Netcraft's.
Where can the reports on the users' behavior with alternate interfaces
(by Gerv and/or by Johnathan) be found? (I'm most interested in
looking at the testing methodology, interface design methodology,
interface description/mock-up, sample size, sample constituency, user
actions taken, and how user actions taken were interpreted.)
Lol... I'm afraid those would be *scientific experiments*. The work
that has been done here is more ad hoc. Not that this is in anyway
wrong, and I believe it to be better; the market will tell us far more
quickly than academic rigour.
Gerv created the famous yellow URL bar back in 2005 or so, as phishing
was just starting to get its teeth into western-anglo net commerce.
That yellow bar may have had the effect of sparking other players into
action, as shortly after that, the browsers got together, and also the
CAs, and together they nearly killed the market for experimentation.
Johnathan is doing what you see now with Firefox. To correct earlier
errors of mine, there are 2 people helping him (I don't know their
names, nor where they are found, nor do I know why it isn't 20, nor 200...).
iang
On Fri, Jan 30, 2009 at 5:09 AM, Ian G<i...@iang.org> wrote:
On 30/1/09 13:25, Jean-Marc Desperrier wrote:
...
Don't take it wrong. I'm strongly in favor in bringing information, but
finding what information will be actually useful is *hard*.
Oh, yes. That's why I *strongly and vociferously* support the experiments
that have been conducted by Johnathan and in the past, Gerv, in order to
search for the way that works with users. Only by a mix of careful thought
and rough& tumble in the userspace will we find the path.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
