On Friday, December 15, 2017 at 1:50:38 PM UTC-6, Ryan Sleevi wrote: > I'm not sure I made those statements, but would be happy to clarify the > confusion. Indeed, as I tried to call out, there are a subset of users who > are looking at it and relying on it - although it cannot be relied upon - > and any proposition to improve it via validation means is fundamentally > asserting that users SHOULD be relying on it (as it derives its value from > that), which I believe is a user-hostile conclusion. > > That is, put differently, if users are only 'safe' if they rely on that UI, > then we've failed them. > If users rely on that UI, and they're not safe, then we've failed them. > > In short, the UI has failed them.
So much of whether this is true depends on definitions and degrees. When we talk about "safe", surely we're not speaking in absolutes: We're in agreement that all reasonable definitions of "safe" in the human experience sense of the term involve known and unknown non-zero risk, right? It's curious that numerous users are asking for a "user-hostile" condition to be perpetuated, isn't it? Some might define user-hostile as, for example, a reduction of functionality without suitable replacement in sight. > I have already showed where and how this confidence is fundamentally > misplaced. Yes, you may feel confident. No, that confidence is not based in > the technical reality. Even with "enhanced validation" (which, again, is > fundamentally problematic and challenging, as shown through WIPO, and > itself unrealistic), the underlying technology itself - and the threat > models - don't align. Except -- and I imagine this is the really inconvenient fact that has led to EV's survival up to this point -- you can't actually show that anyone who ever relied upon EV suffered any harm for having made that reliance. I get that it's difficult to document the causes for that or why facts have aligned that way. Just because we can't see with perfect clarity the cause, that doesn't mean we can't acknowledge the reality: No one is attempting do actual consumer harm with improperly acquired EV certificates. No case that I (or apparently anyone else here) could think of any case of consumer harm for reliance on an EV certificate's enhanced UI by way of an improperly issued or deceptively acquired EV certificate. Are we truly to buy that it's coincidence alone? If it isn't coincidence alone, more thought should be given to saving it, warts and all. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
