Kyle Hamilton wrote, On 2008-12-27 15:56: > I am a user. I am worried about MITM attacks. > > Unlike most users, I'm technically and legally savvy enough to know: > 1) Why to perform my due diligence > 2) How to perform my due diligence > 3) How to add the root into my store > > However, I have additional problems that I can't deal with through > the standard Mozilla user interface (or any browser that I have access > to's interface, realistically). > > For example, I cannot easily see who issued a given certificate, or > what root it chains up to. I cannot apply an attribute to a root > certificate saying "not a financial-services certification authority". > I cannot see details about the chain without having to go through > multiple difficult-to-get-to windows.
[rest snipped] Kyle, I think you're making some good points about the PKI/security related UI in Mozilla products (especially Firefox). I'm afraid this will get lost in this thread which is otherwise about CA behaviors and responsibilities. So, I suggest you start a new thread for this topic. Do that by posting a message which is not a reply to any existing message, but is the first with a new subject (not reusing a subject in any previously posted message). When you do that, some may suggest that another of Mozilla's newsgroups and mailing lists is a better venue for that discussion, and if so, so be it. But I encourage you to raise the UI issues in a way that is clearly separated from the current CA brouhaha. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto