Ian G, 14.02.2007 00:40: > But, that's blue sky. About the only thing that you could > do right now is say: > > CA TrustMeDoc claims BillyBlue is behind http://BB.com/ > > I don't know where "safe" or "trustworthy" fits in ...
Well, as you know SSL is not only checking the authenticity but also provides confidentiality. So the "safe" just refers to the latter, that the line is encrypted, and nobody else but the correspondent can read it. That's why i think, that the padlock was only a mistake in terms that it has been misunderstood. It just tells me, that the _line_ is safe, not the correspondent. I would like to have both information presented seperately: 1. is the line encryped? 2. who tells me what about the correspondant node? How to present these two things with the least potential of misunderstanding (also for Alices and Grandmas) I have no clue, and is most probably a tough task. (Maybe a symbol for a "whisper"-mode, which also shows an "ID field" which content is left to the user to check? But then you can also keep the padlock as a whisper-symbol and complement it with such an ID field.) Cheers, Sven -- http://sven.anderson.de "Believe those who are seeking the truth. tel: +49-551-9969285 Doubt those who find it." mobile: +49-179-4939223 (André Gide)
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
