I am not suggesting that we make any assurances that the CA is not making; I am suggesting we more clearly represent the CAs position in the UI. As you know, CAs take different positions on this issue.
Right. So there needs to be an easy way to show the CA / position.
Position, yes. CA, no. ;-)
Actually, I think the CAs might have an answer to that question.
They do. Put their logo on the chrome and let them beat each other up in the marketplace on the question of brand versus quality.
Actually, I explained my point about logo confusion to a representative of a big CA this week, and he agreed with me absolutely. But I agree there's a spectrum of opinion here.
Did he say that he didn't want his logo on the chrome?
I explained why I didn't think putting logos on the chrome was a good idea, and he agreed absolutely.
To which you say, if you don't know who GeoTrust is, then you shouldn't risk your credit card.
So she won't be buying much, then!
Until she learns! Nobody forces her to shop. It's not our God given mission to make her buy those goods.
I think a browser which said "Hey, don't shop online until you've learnt the following 35 logos and assessed their trust levels by, I don't know, reading these Certificate Practice Statements" wouldn't have much market share.
Gerv _______________________________________________ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security
