What I dislike about this particular rationale is that I presupposes we should architect web security such as to avoid enhancements which have value to anyone the least common denominator.
Is the average user (actually, the bottom rung of the concentration of values around the average, I suppose) the only user our interfaces should target? On Mon, Dec 11, 2017 at 5:21 PM, Hanno Böck via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > > > I support the removal of special treatments and UI for EV > certificates. > > Rationale: I believe plenty of security research shows that it is > incredibly hard to communicate security indicators to users. If you ask > average users about the meaning of green locks, green URL bars or > anything else they will usually not know what it means. > > What I dislike about this particular rationale is that it presupposes that we should architect web security such as to avoid enhancements which have value to anyone beyond the least common denominator. Is the average user (actually, the bottom rung of the concentration of values around the average, I suppose) the only user our interfaces should target? _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy