Hi Grev, Here a proposal for this current thread. Anything below is assumed by me and please correct me if I'm wrong!
As it seems, there isn't an overwhelming support for the green address bar proposal for EV certificates at this mailing list. The suggestions and replies are from outright hostility, to severe skepticism to some lukewarm support the most. Most responses seem to be negative, for various reasons. In order to improve this situation, I thought to come up with this proposal: I assume, that implementation of the greenish thing is meant for Firefox 3, since only bugs and security fixes are performed in between releases. This give us perhaps some time for the following: 1.) Wait for the CA/ Browser Forum to actually confirm the EV Guidelines. We are currently discussing a draft which might be changed still. 2.) Organize a "task group" of interested individuals and parties, which should discuss and make recommendations and offer various options on how digital certificates should be presented in the future. Up for discussion might be every proposal and the groups responsibility would be to make its recommendation until a certain date. I could imagine proposals for this group, such as the address bar, display of information, saving of fingerprints (ssh like), error behavior and more. 3.) After the dust settles on this discussion and the group would make its recommendation a decision would be taken also about the EV proposal (obvious) and an improvement of presentation and handling of digital certificates in general. The group might consult with the various developers for feasibility, specially if it would require changes of the NSS module and of course the UI. Is this something useful, which might get us a step further? -- Regards Signer: Eddy Nigg, StartCom Ltd. Phone: +1.213.341.0390
_______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
