Gervase Markham wrote:
Ian G wrote:
> Why not just put the number of crypto bits on the status
bar, next to the site name, CA name and padlock?
I'm surprised at you, Ian. I would have thought the reason was obvious :-)
It could be blindingly obvious to others ... but it's
not to me!
In Opera, the message must be OKed/cancelled *before the site is even
rendered*
Heavens above! I wonder what they are going to do when
an unprotected HTML site asks for a credit card number?
Self destruct? Launch an SS18?
If there were some way of reliably detecting that they were asking for a
CC number, I would seriously consider disabling the form field in
Mozilla and refusing to allow it to be re-enabled.
Right. But there never will be ... so the alternate
is to try and expand SSL usage so that certs can be
used to do the job of protecting against spoofing.
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
_______________________________________________
Mozilla-security mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-security
