On 13/04/15 18:40, DDD wrote: > I think that you'll need to define a number of levels of security, and decide > how to distinguish them in the Firefox GUI: > > - Unauthenticated/Unencrypted [http] > - Unauthenticated/Encrypted [https ignoring untrusted cert warning] > - DNS based auth/Encrypted [TLSA certificate hash in DNS] > - Ditto with TLSA/DNSSEC > - Trusted CA Authenticated [Any root CA] > - EV Trusted CA [Special policy certificates]
I'm not quite sure what this has to do with the proposal you are commenting on, but I would politely ask you how many users you think are both interested in, able to understand, and willing to take decisions based on _six_ different security states in a browser? The entire point of this proposal is to reduce the web to 1 security state - "secure". Gerv _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform