On Wed, Feb 02, 2005 at 10:11:54PM +0200, Amir Herzberg wrote: > We develop TrustBar, a simple extension to FireFox (& Mozilla), that > displays the name and logo of SSL protected sites, as well as of the CA > (so users can notice the use of untrusted CA).
Other merits of the idea aside, if the user knows the CA is untrusted, what's it doing in the browser's trust path? If we're going to assume users are capable of making this decision, we should make it easier for them to express that decision properly within the existing mechanism. -- Dan.
pgpKGu99hlUjy.pgp
Description: PGP signature
