On 23/03/12 07:15 AM, Yvan Boily wrote:
> Shane and I were having a quick chat about privacy and security UX and
> we ended up chatting about an interesting concept to improve the user
> experience when a 'bad' certificate is in use (expired, self-issued, etc)
Just to present a difficulty. I can't really present anything
constructive because I'm not so sure I understand the idea.
The problem with 'bad' is that you have one definition and the customer
has another. If you say 'expired', 'self-issued' etc ...it may be that
the customer knows or overrides this. At its extreme, this is sometimes
known as click-thru syndrome, where the customer has been trained (by
Firefox?) to ignore all the warnings.
There are essentially 3 categories with certs.
a) I don't know of anything wrong (unrevoked, unexpired)
b) I know that technically this isn't quite right, but I don't know
whether it is bad (expired, self-issued, etc)
c) I know there is something wrong (revoked) but I don't know what
d) I know this site is listed bad by external agents (some database)
This is a very handwavy set of knowings. Most people would say you
don't really know bad, you're just hoping you're not wildly wrong (cue
in some stats here).
If you then mix that with an equally handwavy set of knowings such as
name being personal data ...you could find you're in for a lot of effort
and while the result is worth an academic paper or two, it might not
reach users in enough circumstances to make it economically worthwhile.
Just some thoughts, knee-jerk criticism, I know :)
iang