(Belated reply, now that my email is working
again after toasted power supply problems!)
| view of what they had decided they meant, or are
| big enough and ugly enough to take their punishment
| if ever called to do so.
|
| What Simson showed was not only that the users
| didn't know what that meaning was (no big deal)
| but the users didn't even understand what the
| question was. They are basically unaware and/or
| confused about the entire process.
|
P.T. Barnum is as right today as he was a century ago. But ignorance on
their part should not be construed as same on those who do understand.
Right. And now we reach a big philosophical
issue for Mozilla, which has been mooted upon
in these very pages of late.
Who is Mozilla for? Who is Tbird courting?
If it's the average user a.k.a. Joe Sixpack,
then we have one way of looking at how to
secure his traffic.
If it's Terry Techie, then we might expect
him to learn the steps, the model, the customs.
But not Joe & Josephine Mixed Dozen.
Now, I'm assuming the 'average user', because
that's what I was told, and it's unfair to anyone
to flip back and forth in a conversation. But,
I do recognise that ... this has created a very
big tension, especially in places like S/MIME,
where the setup assumes Terry Techie, and Terry
is quite happy with the product as it is.
| Fun debate!
I suspect S/MIME is a square block to your round hole at least vis-a-vis
certs in email apps. You might be interested in Ciphire
(https://www.ciphirebeta.com/) an application that addresses some of the
problems you've mentioned here and in the past.
Yes, I looked at Ciphire. In terms of getting
crypto out to the people - Mozilla's undebated
target audience - I'm not sure that Ciphire adds
anything over OpenPGP clients. Sure, it might
address the key distro issues better than say
S/MIME, but it has to still carry the burden of
being a downloaded client that just does crypto.
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
_______________________________________________
Mozilla-security mailing list
Mozilla-security@mozilla.org
http://mail.mozilla.org/listinfo/mozilla-security
