It appears that Jim Fenton <fen...@bluepopcorn.net> said: >On 5 Feb 2024, at 14:02, Dave Crocker wrote: > >> On 2/5/2024 1:56 PM, Jim Fenton wrote: >>> And you will also provide citations to refereed research about what you >>> just asserted as well, yes? >> >> >> Ahh, you want me to prove the negative. That's not exactly how these things >> go. > >You said that the URL lock symbol failed. Asking for research to back that up >is not asking for you to >prove the negative. I suspect there is research out there that backs up that >statement, and I’m just >asking for the same amount of rigor that you are asking for.
In this case, Dave's right. Here's a conference paper from Google saying that only 11% of users understood what the lock meant. https://research.google/pubs/it-builds-trust-with-the-customers-exploring-user-perceptions-of-the-padlock-icon-in-browser-ui/ The annual Usenix SOUPS conferences are full of papers about failed security UI. Here's this year's. Don't miss the one saying that Gmail's message origin indicator doesn't work, https://www.usenix.org/conference/soups2023/technical-sessions R's, John _______________________________________________ Ietf-dkim mailing list Ietf-dkim@ietf.org https://www.ietf.org/mailman/listinfo/ietf-dkim
