On Mon, 2006-01-30 at 02:41 -0500, Eric Dorland wrote: > * Drew Parsons ([EMAIL PROTECTED]) wrote: > > On Tue, 2006-01-24 at 09:19 +0100, Mike Hommey wrote: > > > > For goodness' sake, what kind of madness is this?! I seriously do *not* > > appreciate having my web browser telling me which sites I can and cannot > > connect to. > > Try to calm down. >
Sorry. I think I was vexed in particular by the way Mike summarily dismissed my concerns without leaving room for discussion. > > There's already the warning about low-grade encryption once rc4-40 is > > enabled. Why is this warning inadequate? It's not firefox's place to > > decide whether it's safe for me to connect to a given 40-bit encrypted > > site. > > I made this decision back in the 1.0 days, where this warning was not > present IIRC. I think this was the right decision at the time because > it was not clear to the average user that anything was amiss... it > looked just as secure as any other site, which certainly was > completely unacceptable. > OK thanks for the explanation. I thought there had always been a low-grade warning, but the past doesn't really matter, it's what we do with the present that counts. > But if now firefox is issuing a warning, I think we can permit it by > default, and allow users to make there own choice. > That'd be great. Thanks for taking my complaint seriously. Drew -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
