Owen Taylor wrote: > On Tue, 2007-12-04 at 14:29 +0000, Stef Walter wrote: >> Dan Winship got me thinking about the "unable to verify identify of this >> certificate" dialogs we see in browsers when using self-signed or >> otherwise unverifiable certificates. >> >> I'd like to propose [1] that we do away with these dialogs in GNOME. In >> my opinion if we cannot verify the certificate, then we should simply >> not show the UI elements that indicate a secure connection. We should >> just act as if the connection is like any other normal connection. > > Unfortunately, one of the main UI elements that indicate a secure > connection is the https:// URL in the URL bar. Are you proposing to > disguise that as well?
Hmmmm, that's true. In theory hiding such networking details would be ideal, and as Luis Villa pointed out, apparently the mozilla guys are thinking of a similar approach. But perhaps that's too drastic, I don't know. Perhaps when a certificate cannot be verified we could have a question mark icon in place of the SSL lock in the location bar. It may be that when the question mark is clicked on, the user could examine the certificate, and choose to trust it (ie: The use case Pat Suwalski referred to with his mail server). One of the reasons I brought this up is that with the Online Desktop initiative, there may be other UIs (not a web browser specifically) that want to indicate whether a connection is secure or not. I think rather than having everybody display a dubious dialog, we should only light up as 'secure' when we can actually verify it. The point is that the dialog is nasty and baaaad, and should in my opinion be put to bed. Stef _______________________________________________ desktop-devel-list mailing list [email protected] http://mail.gnome.org/mailman/listinfo/desktop-devel-list
