On Wed, 07 Mar 2012 13:26:13 +0100 Jean-Marc Desperrier wrote: > > the system highlighting the > > more dangerous ones requested but also maximising user configurability > > and overrides is always best > > No, you're still dodging the difficult part by providing information to > the user, letting him configure, lalala ... > > Take a page form Apple's handbook : make it *just* *work*. > > *You* have to tackle the very difficult issue of finding a way so that > it *just* *works*, don't try to pass the buck to the user.
You misunderstand me. I'm not saying make the user decide. I'm saying inform and decide for the user but give the more concerned user absolute control with the fine grained ability for revocation that is currently lacking in implementations. _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
