Eddy Nigg (StartCom Ltd.) wrote:
Not yet obviously! There are certain indications in the draft, which
suggest high costs for the CA and therefore for the subscriber.

Higher, certainly.

Can you be more specific than "various reasons", and explain the
reasoning behind your "most likely"?
Many companies, especially smaller ones, will have various problems to
satisfy the requirements of the EV standard in addition to the most
likely high costs entailed with the extensive checking!

Which requirements do you think are particularly burdensome?

(Please also remember that work is being done to extend the EV guidelines to make it possible for individuals to get certs.)

Indeed. And I submit that the user has two possible states in mind:
"enough" and "not enough".
This depends on the level of risk involved! Enough and not enough is not
something general, whereas enough for A, might not be enough for
performing B and otherwise. We suggest to give an indication HOW
rigorous a subscriber was verified. According to these indications a
relying party can make a proper decision whether to proceed.

Can you talk me through the thought processes of someone trying to make that decision, if the UI is as you state?

"OK, that's a purple bar. Now purple is one step above white and one below green. That means, let me think, it's OK for me to make purchases up to $500, as long as I use a credit card with payment protection, but it's probably not safe for my debit card."

?

I suggest that there's only really one level - "safe for my credit card number".

Good! Therefore we should focus on how the UI can be improved properly
to give the most and best information to the user,

I completely disagree that we should focus on how to give the *most* information to the user. *Best*, certainly.

about how a digital
certificate was processed. Your suggestion of enough or not enough is
just the padlock in another form! Not much is gained here... You might
just leave it as is!

It is certainly theoretically possible that we could choose to make the padlock the EV indicator. However, I suggest that the practical effects of that would cause great confusion, as initially the lock would disappear on a lot of sites.

Because valuable information is included in digital certificates, such
as details about the subscriber, issuer and additional notes of the CA.
Displaying this information might help to prevent user mistakes and
provide indication about the certificate's policy etc.

Given that we have difficulty educating users even to look for a padlock (although admittedly this has not been pushed hard, at least by us, due to the lack of a standard underlying the padlock), I suggest that presenting more information is not going to help.

Usability suggests that we need to present the minimum information necessary for the user to make the decision at hand. The decision we are thinking about is "can I put my credit card number into this site?". This is a yes/no question, and so a yes/no indicator is most appropriate. Most users do not have the understanding or tools to make this decision based on raw certificate data.

Gerv
_______________________________________________
dev-security mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security
