On 05/19/2010 01:30 PM, From Jean-Marc Desperrier:
> Eddy Nigg wrote:
>> Isn't this actually a sign that the technology works? I mean, 100% false
>> positives means literally 100% success.
>
> Shit no!
> The higher the false positive rate, the more acute the failure.

Well, just for the record, let's get this straight - there are no false
positives. I have NEVER encountered an error with a web site and there
was no reason for it. Either the certificate was not trusted or the
domain did not match or other reasons. Those are real errors, those are
not false positives, those are REAL positives.

> I was running an old Firefox 2 version recently, and well it made it
> again obvious the modified SSL warnings are a failure.
> Firefox 2 tried to explain the error to the user,

Yes, it really did? :-)

> which even if *really* far from perfect, at least made it often
> possible to understand why Firefox was wrongly raising an error,

LOL...I could barely get the coffee out of my way before laughing
out....next time please warn me :-)
No kidding, I'm amazed...and all the users understood what's going on
and happily clicked OK because that's what they were trained to do for
the last 15 years or so...

> so was better in terms of the user trusting the report, and not just
> starting IE to get to the site instead.

I'll urge the folks at Microsoft to implement something similar.

--
Regards
Signer: Eddy Nigg, StartCom Ltd.
XMPP: start...@startcom.org
Blog: http://blog.startcom.org/
Twitter: http://twitter.com/eddy_nigg
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto