This might be a bit drastic. The sites that one would want to protect against are https like paypal, banks, ebay and so forth. How about having a white list of https sites?
We couldn't have a global whitelist - everyone's 20 sites is different to everyone else's.
If you mean a personal whitelist, that's what the hashed SSL domain history proposal is about.
http://www.gerv.net/security/phishing-brower-defences.html
Gerv _______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
