On 4/4/2010 10:41 PM, Daniel Veditz wrote:
On 4/3/10 9:30 AM, johnjbarton wrote:
If the *users* of Firefox are truly in jeopardy, then this alert should
be provided to *users*. Since this alert is not shown to users I can
only assume that in fact there is no practical threat here. You're
putting this message in the Error Console because you can.
We plan on alerting users in a future update. This is fair warning
to server operators and those who are debugging their sites.
If this is a real threat don't users deserve a fair warning now? How is
it ok to let users be compromised "only for a while"?
The Firefox 3.6.3 release shows how Mozilla can react if it knows about
a real threat. So I have to conclude that you believe this threat is not
significant.
In that case working to close this potential problem is a laudable work
we all thank you for. Just please choose a more appropriate
communications channel.
jjb
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
