Bob Lord wrote:
>...
> You ask some very good questions, but I would like to suggest that the
> best way to make the most of your points is not to assume that we're
> unaware of UI issues or that we don't talk to users.
I never said you didn't talk to users ... But I apologize for the tone
of my previous message. After having quite a few people say to me
`So, have you seen the new PSM UI yet? You'll have a field day with
that ...', I was possibly a little over-excited.
>...
> If you can suggest ways to make the text or presentation easier to
> digest, I'd love to hear your ideas. But please don't assume that
> just because you have not used these features that they're not
> important. Or that no one ever would. Almost all of them are present
> in Communicator and IE.
But they seem to be a lot less prominent in Communicator and IE, which
(IMO) is as it should be. Because people shouldn't have to care about
security, unless it goes wrong. It should Just Work.
>...
> > * Ultimately, the Security Manager should have one (1) window, not
> > three; and it should have one (1) preferences panel, not five.
>
> I'm not sure what you mean by the Security Manager. Do you mean the
> Certificate Manager? Or are you advocating a combined design like the
> Security Advisor in Communicator?
Probably, yes. Though obviously not with 4.x's HTML interface. :-)
Now that I read the explanatory text in 4.x's Security Info window, I
start to understand what some of this UI in Seamonkey is for ... I'm not
suggesting that PSM should copy 4.x (and other more sordid areas of
Seamonkey's prefs) in including screeds of explanatory text in its
windows and dialogs, but I think that the controls themselves could be
labelled more usefully.
> > I don't yet know how this can be achieved (because I can't tell
> > what all this UI is for), I just know that it needs to be
> > achieved in order for the UI to be understandable enough to be
> > useful.
>
> You don't understand what these screens do, or what tasks users need
> to perform, but you know they need to change. :-)
Sounds weird, but yes, I think so. I should be able to tell what tasks I
*can* perform with these bits of UI, just by looking at them. Currently,
I can't tell.
To start with, here's how you could reduce the complexity of the
security prefs UI:
* The top level `Privacy/Security' panel contains only three buttons,
surrounded by group boxes and descriptive text. I don't think the
descriptive text really adds much to the user's comprehension, and
the group boxes (like most of the group boxes in Mozilla's prefs
dialog) are rather redundant. These buttons could instead be laid
out along the bottom of the single prefs panel.
* The `Reset Preferences ...' button (which shouldn't have an
ellipsis, by the way) could be made a general part of all prefs
panels, rather than specific to this prefs panel. (See also `One
button reset/restore prefs'
<http://bugzilla.mozilla.org/show_bug.cgi?id=76783>.) This wouldn't
save any space, but it would decrease the apparent complexity of the
security prefs UI in particular (since you wouldn't be adding
anything extra to the panel, beyond what was in other panels
already).
* The `SSL Protocol Versions' checkboxes could be oriented
horizontally, instead of vertically.
* The `SSL Warnings' checkboxes could be put in a listbox (like the
current Navigator toolbar buttons checkboxes), to make them look
less intimidating and to allow the prefs dialog to fit comfortably
in a 640*480 display.
So a single `Security' prefs panel, assuming the current variety of
secondary windows is retained, could look something like this:
+--------------------------------------------------------------------+
| Navigator Preferences :::::::::::::::::::::::::::::::::::::::::::::|
+--------------------------------------------------------------------+
|                                                                    |
| Category: Security ::::::::::::::::::::::::::::::::::::::::::::::: |
| +-------------------+                                              |
| |=Navigator=========| Allow _secure transactions using:            |
| |=Display===========| [/] SSL v_2 [/] SSL v_3 [/] _TLS             |
| | Languages         | ( _Edit Ciphers ... )                        |
| | Accessibility     | _Alert me whenever:                          |
| | Fonts             | +----------------------------------------+-+ |
| | Colors & Effects  | |[/] I enter a secure area               |A| |
| | Multimedia        | |[/] I leave a secure area               |:| |
| | Scripts           | |[/] Secure pages contain insecure items |V| |
| | Privacy           | +----------------------------------------+-+ |
| |::Security:::::::::|                                              |
| |                   | (_Certificates ...) ( Security _Devices ...) |
| |                   |                                              |
| +-------------------+ :::::::::::::::::::::::( Reset to Defaults ) |
|                                                                    |
| ( MozConfig ... )                            ( Cancel ) (( Save )) |
+--------------------------------------------------------------------+
>...
> I'm not sure what you mean by "security details". Are you
> referring to the Certificate Manager?
I'm referring to all UI dealing with secure transmissions, security
devices, and certificates.
> Does that mean that you cannot
> get or view your personal certs with Mac IE, can't see CA certs, for
> example? I'm wondering if IE for the Mac has all the features of IE
> for Windows. Maybe MS dropped some features on the Mac version?
You can still see all the CA certificates, but the UI for doing that
fits comfortably into the single `Security' prefs panel itself. The main
reason for that is that IE doesn't have prefs for turning particular
security protocols on or off. That's partly why I'm wondering why such
prefs are needed in Mozilla.
>...
> > * What is the Device Manager for? How does it help me in browsing
> > the Web? Is it necessary at all? If so, why can't I tell how
> > necessary it is just by looking at it?
>
> I'm least happy with the Device Manager. It needs help.
If you have the time to come up with a couple of examples (real or
fictional) of people using the Device Manager, preferably examples
covering all its features, I'll give you a design for it.
E.g.: `Paul Saramanthan is a 38-year-old investment analyst who lives in
Liverpool, England. He has a smart card to do {...}. The smart card
plugs in to {...}. This morning, he {...}, and this is what happened {...}'
If the Netscape UI team has been working on this UI, as you said, then
they should have written such user stories already, and all you'll need
to do is forward those to n.p.m.ui.
>...
> > * What are the `Allow device to perform these functions: [ ] RSA
> > [ ] RC2 [ ] DES [ ] SHA-1 [ ] MD2 [ ] RNG [ ] DSA [ ] RC4
> > [ ] MD5' checkboxes for? Why would I want to turn any of these
> > off? How would turning them off help me in browsing the Web?
>...
> Different token manufacturers build in different capabilities into
> their tokens and drivers. There are some operations which the token
> must perform in order for the function to work (like in the case where
> the keys are stored on the token) or to conform to certain standards.
Why would I want to turn any of these off? How would turning them off
help me in browsing the Web?
If it is instead possible for Mozilla itself to tell whether or not a
particular function works with a particular token, I think that would be
much preferable.
> These items could easily be moved to an "Advanced" window since a
> user would not touch them very often.
In what situations would a user need to touch them at all?
> And given how much time we
> have, we may not be able to get to them at all. So we may not have to
> worry about it.
I'm not sure what you're implying here. Is the PSM UI going to be frozen
indefinitely after a particular date? I assume it would be ok if
people other than those in Netscape's security group made improvements
to the PSM XUL (going through the normal review/approval process, of course).
>...
> You might want to turn off TLS if you encounter a web site that is
> "TLS intolerant". See
> http://bugzilla.mozilla.org/show_bug.cgi?id=59321 for more
> information.
Ok, so is there any way we can tell that a server is failing because of
being TLS-intolerant, as opposed to failing for some other reason? If
the server returns no response for a TLS-enabled request, could we
automatically retry without TLS (perhaps warning the user first)?
Conversely, if a server fails because it's TLS-intolerant, is a user
going to have any chance at all of (a) realizing the cause of the
problem, (b) being able to find the pref for TLS, and (c) bothering to
turn the pref off (just for that site) instead of just going to a rival
site which does work? (Obviously (c) does not apply so much if this is
your e-mail account or your bank account which we're talking about.)
> You might want to turn off SSL2 because it's an older,
> possibly weaker protocol. Like most prefs, you probably just leave it
> alone.
Well if, for a particular site, I have no option but to use SSL2, what
benefit could I gain from turning SSL2 off? Alternatively, if a
particular site offers the choice of either SSL2 or a protocol which is
known to be better, would it be possible for Mozilla just to choose the
better protocol automatically?
> Do you think that SSL is more scary than proxies or caches? I don't.
No, I don't think that SSL is necessarily *more* scary than proxies or
caches (though currently the UI for SSL is more complex than the UI for
proxies and caches combined); but I do think that proxies and caches are
unacceptably scary *as well* ...
You shouldn't have to configure proxies yourself before your Web
browser will connect to the Internet, just as you shouldn't have to
configure the voltage and current of an ordinary electrical
appliance yourself before you can connect it to the mains power
supply. Proxies should Just Work. (See also `Please add support for
the Web Proxy Auto-Discovery Protocol (WPAD)'
<http://bugzilla.mozilla.org/show_bug.cgi?id=28998>.)
The same applies to caches -- in an ideal world, OSes would have a
message which could be sent to apps saying `I need 30 MB of the
space which you're using for cache files back, thanks, there's
another app which needs to use that space for important non-cache
stuff'. Then app caches could grow to fill however much hard disk
space you had, if necessary, with the ability to shrink in an
instant if you needed to save a large permanent file. There would be
no need to allocate specific amounts to caches for particular apps,
they'd Just Work.
... But I digress.
>...
> Users choose weak passwords. But unless they get feedback on what's
> "worse" and what's "better", they're not going to improve the quality
> of their passwords.
>...
> I'm open to suggestions on how to give people real time feedback in a
> way that's simple to understand.
Like the others who've posted in this thread, I think that just the
quality meter is quite enough -- the counters for particular types of
characters seem like overkill to me. A single-sentence caption next to
the quality meter could take up less space, be less distracting, and be
more informative, than the counters:
|
| Using numbers, upper-case letters, and punctuation can improve your
| password by making it harder to guess.
Ideally, I think the quality meter should be vertical, to distinguish it
from a progress meter which is horizontal. This would probably require
help from XP Toolkit people, since I doubt that the progress meter
widget supports orient="vertical" yet.
> I first posted this information in November, and the UI team at
> Netscape has been involved from the start. And some of these items
> (like the password changer) have been in for weeks. I'm afraid
> you're the one late to the party, not me. :-)
Oops, sorry. :-) From looking at the UI I had wrongly assumed that the
Netscape UI team had not been involved.
Thanks for pointing me to these screenshots. I look forward to the rest
of the UI appearing in real life soon.
--
Matthew `mpt' Thomas, Mozilla UI Design component owner
<http://mozilla.org/>
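The password quality meter and single-sentence caption discussed in the message above, worked through as an added example. This is illustrative code written for this page, not PSM's or Mozilla's own implementation: the character classes, the entropy-style scoring and the 80-bit "full meter" threshold are all assumptions, and the caption is generated from whichever classes the password is still missing, so the advice changes as the user types.

```javascript
// Added example (not Mozilla/PSM code): a password quality meter with a
// one-sentence caption naming the character classes not yet used, instead
// of per-class counters. Class sizes and thresholds are assumptions.

// Ordered so that an all-lower-case password yields the caption
// "Using numbers, upper-case letters, and punctuation ...".
const CHARACTER_CLASSES = [
  { name: "lower-case letters", size: 26, test: /[a-z]/ },
  { name: "numbers",            size: 10, test: /[0-9]/ },
  { name: "upper-case letters", size: 26, test: /[A-Z]/ },
  { name: "punctuation",        size: 33, test: /[^a-zA-Z0-9]/ },
];

// Rough strength estimate in bits: length * log2(alphabet size), where the
// alphabet is the union of the character classes actually present.
function estimateBits(password) {
  const alphabet = CHARACTER_CLASSES
    .filter(c => c.test.test(password))
    .reduce((sum, c) => sum + c.size, 0);
  if (alphabet === 0 || password.length === 0) return 0;
  return password.length * Math.log2(alphabet);
}

// Map the estimate onto a 0..100 meter; 80 bits or more fills it
// (an assumed threshold chosen for the illustration).
function meterValue(password) {
  return Math.min(100, Math.round((estimateBits(password) / 80) * 100));
}

// Build the single-sentence caption from the classes still missing.
function caption(password) {
  if (password.length === 0) return "";
  const missing = CHARACTER_CLASSES
    .filter(c => !c.test.test(password))
    .map(c => c.name);
  if (missing.length === 0) {
    return "Making your password longer can improve it by making it harder to guess.";
  }
  const list = missing.length === 1
    ? missing[0]
    : missing.slice(0, -1).join(", ") + ", and " + missing[missing.length - 1];
  return `Using ${list} can improve your password by making it harder to guess.`;
}

// Everything the UI needs to redraw the meter and its caption on each keystroke.
function assessPassword(password) {
  return {
    bits: estimateBits(password),
    meter: meterValue(password),
    caption: caption(password),
  };
}

// Constructed sample inputs for a quick look when run directly.
for (const p of ["", "password", "Tr0ub4dor&3"]) {
  console.log(JSON.stringify(p), assessPassword(p));
}
```

Note what this kind of meter does and does not measure: it scores composition only, so "password" rates the same as any other eight-letter string of lower-case characters. That is exactly why the caption's advice is phrased in terms of adding character classes and length rather than claiming the password is "safe".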