Eddy Nigg (StartCom Ltd.) wrote:
As it seems, there isn't an overwhelming support for the green address
bar proposal for EV certificates at this mailing list.
Or rather, those who shout loudest don't like it. I've had the great joy
of interacting with many of that group before, and I know where they
stand. However, at this stage I am interested in hearing from Mozilla
community members such as Heikki and dbaron.
1.) Wait for the CA/ Browser Forum to actually confirm the EV
Guidelines. We are currently discussing a draft which might be changed
still.
I agree it would be bad to expose EV in a released version of Firefox
before the guidelines are accepted.
2.) Organize a "task group" of interested individuals and parties, which
should discuss and make recommendations and offer various options on
how digital certificates should be presented in the future. Up for
discussion might be every proposal and the groups responsibility would
be to make its recommendation until a certain date.
I could imagine proposals for this group, such as the address bar,
display of information, saving of fingerprints (ssh like), error
behavior and more.
The Mozilla project doesn't tend to work in such a structured way. But I
know our UI designers are going to be looking at the security UI over
the next few weeks. I hope they will make this group aware of how the
process is going to work.
Gerv
_______________________________________________
dev-security mailing list
dev-security@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-security
