But how different would it be for the end user to accept a single pop-up for an EU trust list (based on IP address) from the multiple EU cookie pop-ups that web sites present?
-----Original Message----- From: dev-security-policy [mailto:dev-security-policy-bounces+ben=digicert....@lists.mozilla.org] On Behalf Of Gervase Markham Sent: Tuesday, July 7, 2015 6:13 AM To: mozilla-dev-security-pol...@lists.mozilla.org Subject: Re: Letter from US House of Representatives On 06/07/15 17:44, Ben Wilson wrote: > Thanks. I realize/think that this would require a separate root > program. If you think of it as a Venn diagram there would be Set A > and Set B. The user would then select A, B, A U B or A ∩ B. The trouble with this is that, while it makes sense to you or I, Mozilla is not keen to ask users to make decisions where they have no meaningful understanding or basis on which to make that decision. I cannot imagine a UI for "select the lists of CAs you trust" which would enable a user to make a meaningful decision, or realise when something breaks that it was a consequence of their previous decision. This is why we have a root program, rather than a startup wizard with 100 CA checkboxes to review :-) Gerv _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
