I've only had time to skim the proposal for the moment, but will return and pay it full attention when I get a bit more .. some quick thoughts, though:
- having NSS or the underlying platform recognize certs as being one of these varying levels sounds like a good idea - the levels must mean something in terms of binary differences; ie: level 0 = encryption, level 1 = encryption + DV, level 2 = encryption + DV + identity validation, level 3 = etc, etc. in order to be useful in terms of differentiating UI presentation. - I don't know if I agree with Gerv's statement that this is a UI proposal; it might be in its expression, but I think there's foundational goodness here just like the foundational goodness we're seeking with EV. More metadata available to the system means more signals we can draw on to present concepts to users (this is why I'm pretty insistent that the varying levels each represent the presence of an additional signal) - Opera has multilevel UI presentation at the moment, and it's arguably unsuccessful, but interesting nonetheless cheers, mike _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
