Bob Relyea wrote:
These same arguments played around and around at Netscape (back when
it mattered to Verisign) about wether or not to include the signer's
brand. In the end it was UI realestate (or the lack thereof given to
security) argument that won the day. In the arena where realestate was
less of an issue, but security was, the signer's logo and name *WERE*
included (remember the 'Grant' dialogs for signed apps). They still
contain those logos today.
Wow. Thanks for reminding me - someone else
on this list told us a while back that this was
indeed the case.
Back then, there were no attacks on browsers,
and the screen UI realestate was a dominating
issue. I would have done the same.
Where are these 'Grant' dialogs? Are they
available under Firefox / Thunderbird?
So, if we were to file a bug asking to revert
back to the security model of the signer's
brand, that would be an easier sell?
Just musing here...
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
