Gerv suggested I post this here for discussion - copied from bug 288693
When visiting 'secure' sites that use outdated encryption, Firefox/Thunderbird should give a big ugly warning about the dangers of submitting information to this site.
For reference: the latest Opera 8 beta does this and displays the message
'This site is using an outdated encryption method currently classified as insecure. It cannot sufficiently protect sensitive data. Do you wish to continue?'
In Opera, the message must be OKed/cancelled *before the site is even rendered*
My personal preference would be a dialog with a delayed OK button (like XPInstall) to force people to read it.
(http://my.opera.com/forums/showthread.php?s=b9954ef796e4d661961e2af3d9b567db&threadid=85778 is an Opera forum thread discussing this)
_______________________________________________ Mozilla-security mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-security
