Hi,
If I understand things correctly, you want to have the browser maintain a sort of whitelist of domains the user trusts. Whenever the browser encounters a new SSL domain, the user is asked, if she wants to include it in the list of trusted domains. Have I gotten the idea right?
Nope. I don't think anyone with knowledge of browser UI and/or user behaviour and acceptance would propose such a thing.
All right, but what's this about then: http://multizilla.mozdev.org/screenshots/features/spoofing/new-ssl-site-bim.jpg Could you enlighten me?
This screenshot has nothing to do with the (final) implementation for Mozilla Firefox and was discussed as a possible solution only. Note that I (the developer of MultiZilla) used it as an ad-hoc solution to prevent MultiZilla users from phishing attacks.
What's proposed is a list of trusted (or untrusted) TLDs, set by us.
Trusted not to allow homographed domain names, right?
Nice concept, but this still assumes the user will consciously look at the address bar to check the domain although there is no UI indication that tells him to do so. I know every browser does it this way, but I am not sure it is right to expect that much from the average user. (I guess it would already be an achievement if users would really understand the padlock icon...)
I saw this proposed on Bugtraq; I think the participants there explained quite well why it wouldn't work.
I know it's a tradeoff between usability and teaching the user to do the right thing. I just think the current balance puts a bit too much weight on the convenience side.
But thank you for your input :-)
I know I may be getting on people's nerves with this. ;) I just think it's an important decision.
Michael
_______________________________________________ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security
