If folks don't know to look and demand https in sensitive situations,
then it is unlikely that the browser can help those folks much in this
regard. I know that there are dialogs boxes that popup asking are you
sure you want to submit form data over a non-secure channel (or
something similar). I would imagine that most people choose the I know
what I am doing, don't bother me about this again button. Perhaps this
dialog box keeps bugging folks and the only way to turn it off is via
about:config. If they are smart enough to figure out about:config
setting, then hopefully they should be smart enough to know to look for
https.
Duane wrote:
CarlosRivera wrote:
deal to setup. It also might have other potential benefits for other
unknown phishing type attacks. I am assuming that folks know to look
Unlikely, most phishing attacks don't even use SSL...
_______________________________________________
Mozilla-security mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-security
