Xplo Eristotle wrote:

> the majority
> of the interface you describe is going to be utterly meaningless to the
> majority of Mozilla's users (IMHO)

That's true for many prefs. It might even be the nature of prefs.

> and has nothing really to do with
> the function of a browser

*ring* Mozilla is not just a browser. It is also an email client.

>>     2. If you just want to transfer your credit card number to a web shop
>>        without anybody listening, you have to understand only a fraction
>>        of PSM and its UI.
> 
> Which fraction would this be?

Somebody else might want to answer this.

> And when in the past (if at all) have
> users been required to understand this fraction

Always, whenever they used SSL intentionally. (SSL was introduced in 
Navigator 1.0, IIRC.)

> and if they were, how
> were they made to understand it?

That's an entirely different problem.

E.g. by this text of the Security Info page: "The identity of this web 
site has been verified by [EMAIL PROTECTED][...], a certificate 
authority you trust for this purpose - not by mozilla.org."

User education (in Mozilla) can probably be improved, but that's unrelated 
to our discussion of what options to include in the PSM prefs.

> If I need to mess with some sort of
> preferences, and the phrase "and its UI" leads me to believe that I do,

"its UI" primarily referred to the "Security Info" page you get after 
clicking on the lock icon.

You are also supposed to adjust the trust in certs. This assumes you 
know what certs and CAs are, how trust is propagated. You also have to 
know what happens when https is used and how servers are authenticated 
(not the technical details, but the principle).

> how will I know which part to mess with

That's a good point. Any suggestions?

>> I'm sorry, but this shows that you are lacking even enough knowledge for
>> the 2. task above.
> 
> I'm afraid not, since I have *done* #2, above.

But it might not have done what you thought. E.g.

    * you probably assumed that nobody else can listen. But if 40 bit
      encryption was used, this assumption may be wrong.
    * You might have assumed that <https://www.barnes-and-noble.com> is
      managed by the well-known Barnes and Noble, while in fact it might
      be Evil Guy Corp.
    * You might have assumed that if a CA (e.g. Verisign) states that
      <https://www.barnesandnoble.com> is managed by Barnes and Noble,
      that this is in fact true. But Verisign might be so keen on money
      that it issues wrong certificates, if paid enough. Or they are
      clueless and a cracker broke into their network and was able to sign
      arbitrary certs with the CA cert. Or the CA Bin Laden deliberately
      issues wrong certs to bombardize eCommerce.
      (I admit, this last problem is a bit made-up.)

> What this indicates to me is that this aspect of browser security can be
> made transparent (or nearly so), since it has been already.

As shown above, this is wrong.

> let alone
> sifting through what seems to be an excessively complex and arcane UI to
> do it...

OK, if it is *excessively* complex and arcane, this needs fixing. But I 
fear that most of your points don't help with that task, because you are 
basically saying that almost all UI for PSM should be removed completely.

[smart card details]

> If I'm not supposed to
> understand that here, then why am I expected to understand it in the UI,

You aren't.

> even if the correct thing to do is ignore it?

If you don't understand a pref, the correct thing is to ignore it. That 
is the principle of almost all prefs in all apps.

> Security through obscurity
> is an exceptionally poor design philosophy, IMO.

*ring* Quote used in the wrong place.

>>  > Shouldn't the OS be handling all of that?
>> 
>> What, if the OS doesn't?
> 
> You're telling me that the OS can't handle a peripheral and its driver,
> despite being designed for that purpose?

s/can't/doesn't/. Or where in [insert your favourite OS] do you find the 
kind of management functions Mozilla and 4.x have for smart cards and 
their readers?

Smart card readers are connected via the serial or parallel ports of the 
computer. It has always been this way that applications manage the 
devices that are connected there and that the OS doesn't provide special 
functions for.

> If you still don't know why after reading this far, I strongly suggest
> you find outside help for both your UI design and your user studies,

Note: I am not a PSM programmer. (If you don't count my UI and build 
patches.)

> because you are obviously missing the point.

Your point seems to be "I want to use this without prior knowledge, 
without external help and without reading the manual" (since Bob said 
that help is on the way). This point is wrong for browsers, computers in 
general and just as much so for PSM.

[quality meter]
I'm not arguing about that, because almost everybody else seems to agree 
that it is a good thing.

> Will Mozilla
> inform me that the server I'm trying to connect to uses only weak crypto
> and that I need to turn the weak crypto back on?

Somebody else can answer that?

> How difficult would it be to have an
> error dialog that gives the user the option of temporarily re-enabling
> the weak crypto without having to go into the preferences and change
> them?

Good suggestion.
