Ka-Ping Yee wrote: > I'd like to know what became of this discussion. Most of the user > training surrounding phishing seems to be about teaching users how > to correctly parse the top two levels of the domain out of the URL, > and that's a silly thing to waste effort trying to train humans to > do when it's a trivial task for the computer. Emphasizing or > isolating the top two levels of the domain in the UI, though non-ideal, > would be a positive move; IE would find itself playing catch-up to > the Firefox UI yet again.
Except that "top two levels" is not the right heuristic. See http://wiki.mozilla.org/Gecko:Effective_TLD_Service for what we are actually doing. And the Locationbar2 extension for some UI ideas. Gerv _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
