Gervase Markham wrote:
Excellent! And I was talking about how to improve the lack of important information of the SSL certificate. Or better said, some information - as you indicate - should be displayed forcefully and some of it should be easy accessible and understandable.Eddy Nigg (StartCom Ltd.) wrote:Ben, why bother....?!?! As Gerv indicated, we are not going to /throw/ information at users...there is no need to display anything about the certificate, since details in the certificate will be only looked up and used, in case of fraud happens...(quoting Gerv from a previous thread).I don't believe I said that about _all_ the details.If you look at the IE UI, it displays the O field (Organisation) and the C field (Country). I personally think this is good. We are talking about the format of the O field.
However I never heard from you that you agree with me - even partially - but outright dismissed my suggestions! It seems now, that for whatever reasons (because IE has it (???)), that you seem to come to a similar understanding...
Concerning the details displayed in the address bar, I would take it one step further and display organization, locality, country code. A mouse over the area could reveal a tool tip with yet more information like:
Issue to: OrganizationOrganizationUnit (Very important, because many CA's use this field for identification of the validation procedure, including StartCom, Verisign and others)
Locality, State, Country Code Issue by: Organization, Country CodeA click on the same area should take you strait away to the Certificate viewer.
-- Regards Signer: Eddy Nigg, StartCom Ltd. Phone: +1.213.341.0390
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security