On 12/23/08 12:12 PM, Justin Dolske wrote:
On 12/23/08 11:27 AM, Kyle Hamilton wrote:
I'd rather deal with disruption caused thereby (and, yes, the user
complaints generated thereby -- at least then the end-user would KNOW
that there's a problem that's being dealt with rather than having a
FALSE SENSE OF SECURITY)

Hmm, would they?

*sigh* I somehow managed to click "Send" mid-message.

Anyway, the rest of my incomplete thought:

...I think there's some risk that if a Firefox update suddenly breaks a large swath of legitimate SSL sites, that could end up training users to ignore the problem. I'm not even sure how you'd present this condition to Joe The User in a comprehensible way.

That said, the Comodo/Certstar is hugely sucky and I would hope there's something we can do about it that helps users.

Justin
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to