JoeS wrote:
Mail and news have very different security needs IMHO
That may well be. Might be worth filing a bug on that. I suspect the default
configuration would still have the same prefs set for both of them, though...
-Boris
___
dev-security m
Boris Zbarsky wrote:
JoeS wrote:
Yes, but only if you know that default policies have been violated.
Er... you can set up policies even if nothing has been violated.
I think at least an alert should be done here
So a site can go into an endless alert loop by violating a security
policy in
Ka-Ping Yee wrote:
We should scrap all this and do something better.
I'm really glad to see that there's interest in a new and better
design.
Me too.
One thought I had the other week is to enable privileges implicitly
based on "latent trust": site has good CA-signed cert, you've connected
Frank Wein wrote:
> Oh it's just the users here who top-post ;). In general i think there is
> an agreement that buttom-posting should be used in the new mozilla.*
> groups.
http://www.mozilla.org/community/etiquette.html
See "Trim your follow-ups" and "Top-posting vs. bottom-posting".
Gerv
___
Brendan Eich wrote:
> One thought I had the other week is to enable privileges implicitly
> based on "latent trust": site has good CA-signed cert, you've connected
> with SSL, you've got a password saved for this site, you are logged in.
>
> Such a site could have some awesome powers, but not supe