Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-07 Thread Ian G
On 6/7/09 08:42, Nelson Bolyard wrote: On 2009-07-05 16:03 PDT, Ian G wrote: On 4/7/09 23:19, Nelson B Bolyard wrote: You provide customer support for Firefox? Yup. Doesn't everyone who is a techie? I mean, I don't want to, but because I am a techie, people assume that I know Firefox back

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-06 Thread Nelson Bolyard
On 2009-07-05 16:03 PDT, Ian G wrote: On 4/7/09 23:19, Nelson B Bolyard wrote: You provide customer support for Firefox? Yup. Doesn't everyone who is a techie? I mean, I don't want to, but because I am a techie, people assume that I know Firefox back to front and can make it do circus

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-06 Thread Kyle Hamilton
Users are never told that a PIN is a password is a passphrase. So, they believe that a PIN is not a password, and a password is not a passphrase. So they think "I have to type my password to get access to this", not "the device is asking for my PIN to do what it's been asked to do". Users aren't

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-06 Thread Julien R Pierre - Sun Microsystems
Martin, Martin Paljak wrote: This is because currently tokens are used for low level internet pipe things in the form of SSL/TLS. It is impossible to bring those network level events to the UI level, and it would not make much sense either. NSS allows the password prompting callback to be

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-05 Thread Martin Paljak
On 05.07.2009, at 0:11, Nelson B Bolyard wrote: FYI, to make sense to users of eID cards currently one has to embed the word PIN into the token description as well, so that the prompt that Firefox displays would make sense: Please enter password for: MARTIN PALJAK (PIN1) GUI hints would be

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-05 Thread Nelson B Bolyard
On 2009-07-05 05:57 PDT, Martin Paljak wrote: The problem is that an average user thinks like this: password is something like 'topsecret123', PIN code is something like '1234', I'm asked for a password, let me see, which passwords I know that I might type here... More experienced

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-05 Thread Ian G
On 4/7/09 23:19, Nelson B Bolyard wrote: On 2009-07-04 04:19 PDT, Ian G wrote: Some remarks. On 4/7/09 12:18, Martin Paljak wrote: Firefox displays a Please enter password for ... dialog, which is ambiguous for casual users who need to be said very clearly when they need to enter the PIN of

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-04 Thread Martin Paljak
As I have written one of those many plugins used in EU (used in Estonia on Mac OS X and NPAPI compatible browsers, which means firefox/safari/opera/camino ...), my opinions might be biased, but they reflect real life requirements. On 04.07.2009, at 1:04, Nelson B Bolyard wrote: FYI, to

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-04 Thread Ian G
Some remarks. On 4/7/09 12:18, Martin Paljak wrote: Firefox displays a Please enter password for ... dialog, which is ambiguous for casual users who need to be said very clearly when they need to enter the PIN of 4 or more digits. Right now my Firefox speaks Estonian but I also remember a

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-04 Thread Nelson B Bolyard
Martin, I want to read your full message and respond fully later this weekend, but right now I just want to try to clarify a couple things. FYI, to make sense to users of eID cards currently one has to embed the word PIN into the token description as well, so that the prompt that Firefox

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-04 Thread Nelson B Bolyard
On 2009-07-04 04:19 PDT, Ian G wrote: Some remarks. On 4/7/09 12:18, Martin Paljak wrote: Firefox displays a Please enter password for ... dialog, which is ambiguous for casual users who need to be said very clearly when they need to enter the PIN of 4 or more digits. Right now my Firefox

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-03 Thread Martin Paljak
On 03.07.2009, at 8:15, Anders Rundgren wrote: According to most people who are into consumer PKI, Java applets is the best solution for cross-browser PKI. I think Java applets suck but indeed, that's really all we got. but please don't take it out on us. Please refrain from further

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-03 Thread Eddy Nigg
On 07/03/2009 08:15 AM, Anders Rundgren: I'm sorry about that. Is there any other place where Mozilla people hang out where there is an interest in trying to understand why and what is happening on the PKI side for consumers? Anders, I think you must take your ideas to a standards body -

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-03 Thread Anders Rundgren
Anders, I think you must take your ideas to a standards body Eddy, this is exactly what I believed/hoped/craved for. Unfortunately, the people who represent stake holders like EU governments and banks do participate in International foras like OASIS and IETF, nor fund such developments. It

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-03 Thread Ian G
On 3/7/09 07:15, Anders Rundgren wrote: Nelson B Bolyard wrote: but please don't take it out on us. Please refrain from further sniping in this mailing list and newsgroup. Constructive contributions are welcome. I'm sorry about that. Is there any other place where Mozilla people hang out

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-03 Thread Ian G
On 3/7/09 09:30, Martin Paljak wrote: ... 2. Fix Firefox/NSS - Firefox still thinks that you should be able to authenticate to websites with certificates *without* TLS client authentication extension. Add automatic certificate selection, and you get trouble. Yes, this makes cert login as bad

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-03 Thread Nelson B Bolyard
On 2009-07-03 00:30 PDT, Martin Paljak wrote: Some constructive suggestions; mostly for Firefox: 1. Use platform API-s where appropriate: cryptoapi (and basecsp via this) on windows; cdsa/keychain on macosx. Regardless of who does it, this triples/quadruples the amount of work to be done

Re: Moving browser PKI forward (Re: Problem reading certificate from hardware token)

2009-07-03 Thread Nelson B Bolyard
On 2009-07-03 05:29 PDT, Ian G wrote: We desperately need some form of whitelisting in Firefox so that each site always gets presented the same cert. If browsers can remember cookies and username/passwords, then they can remember cert/domain combinations. This goes double for Thunderbird