Two posters have taken issue with the BOClean item. Without getting into any of the esoteric questions raised, perhaps it would be a VERY good idea to take a look at the real issue.
That issue would seem to be that FireFox comes "out of the download" with some fairly questionable sites automatically setup as acceptable security certificate issuers. This is a real problem. Many users, in fact most users, have no idea what the certif's are or who should be issuing and verifying them. Additionally we have all seen recently ways that unscrupulous ones have managed to get apparently valid certifs. Cerif's are a real problem and NOT one that an average user should be expected to handle. So let's see some immediate action by Mozilla // FF to correct this problem. If FF is not willing to deal with the certif problem better, then there needs to be a third party, like the folks ot SpywareBlaster, take on the issue of providing info on valid trustworthy certif issuers. In any case FF needs to put this situation up front to the user. And notclaim to have "handled" it by "tools options.... " And is this not just another example of the flawed philosophy of "push" vs pull. Users are far better off when such well thought of programs like FF do not come "out of the download" ready to bite users. It seems that by automatically facilitating certifs from less than totally upfront sites, FF has left its users just ready for being con'd. disappointed Oops199 _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
