On Tue, Jul 7, 2015 at 7:51 AM, Richard Barnes <rbar...@mozilla.com> wrote: > To echo Gerv's point: How is the user supposed to evaluate whether to > trust the EU list?
I was not imaging a first-launch UI to choose, rather an option similar to what is available today for adding CAs. There is a special mime type that triggers a UI in Firefox to ask the user to trust the certificate. There could be a similar mime type for a trust list. However, I would imagine the common use case would not be the end user, rather would be adding trust lists through central management. That could be via the CCK or via a similar mechanism. I don't think that the average individual user is going to be adding trust lists. Thanks, Peter _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy