Duane wrote:
I've been told konq visually makes the characters stand out (bolds
them I was told)...
On my Konqueror (3.3.2/FreeBSD), there is no bolding,
however the 'a' is slightly smaller and looks like a
different font. That's only on close eyeball examination
though, you'd only pick it up if looking hard. Also, the
'a' didn't survive a cut&paste, and I ended up with
pypal.com via that route.
Exactly the same effect on my Firefox (1.0) BUT it did
not pick up on the dodgy certificate. Konqueror went
through the whole 'this is not a valid cert' popups
rigmarole which I blandly clicked through ... but Firefox
did not!
Is this a valid cert? Who is USERTRUST? I never heard
of these guys, and Firefox has definately offended me
by claiming
"The website www.paypal.com supports
authentication for the page you are viewing. The
identity of this web site has been verified by The
USERTRUST Network, a certificate authority you
trust for this purpose."
That's a bug. I do not trust USERTRUST for any purpose,
and I've never even heard of them, so there is no way that
I can trust them!
Probably what it should say is ... I don't know - that's a
really tricky one. C.f., discussion over this weekend with
Frank Hecker on "trust bits" but we can't use that term
in user notices.
A second bug is that it took me a while to find the cert
information. Clicks on the padlocks did nothing, I guess
this is a FreeBSD bug? Anyway, I found it under Tools/PageInfo,
which I'd describe as "obscure" and our average users
will probably find it tough. Hopefully the padlock click
failure would work for them though.
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
_______________________________________________
Mozilla-security mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-security
