Florian Weimer
Tue, 09 Sep 2008 13:14:29 -0700
* Peter Gutmann: > On a semi-related topic, it'd be interesting to get some discussion about FF3 > removing the FF2 SSL indicators of the padlock and (more visibly) the > background colour-change for the URL bar when SSL is active and replacing it > with a spoof-friendly indicator that's part of the favicon, i.e. part of the > attacker-controlled content.
To keep this in perspective, note that you could disable the location bar altogether in FF2 (and that default changed in FF3), so the FF3 approach is actually an improvement. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]