Re: Making file control text editor readonly

for this page. -- Heikki Toivonen ___ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security

Re: User effort

Duane wrote: In the end they decided to try it and now they enter the website address of their bank each time (they don't use bookmarks or click on links in emails) to make sure they connect to the right site each time. So So for them the current SSL model is actually enough. -- Heikki

Re: Criteria for an antiphishing tool

in it being there. Are you inventing history here? I don't remember what the early browser's looked like, but was there really more security in the early days? -- Heikki Toivonen ___ Mozilla-security mailing list Mozilla-security@mozilla.org http

Re: Criteria for an antiphishing tool

would help. -- Heikki Toivonen ___ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security

Re: Criteria for an antiphishing tool

. We'd love to change this, of course. Now go convince all the web developers out there, and once you've done that, we'll flip the switch again. -- Heikki Toivonen ___ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org

Re: Is there a Mozilla security process?

Tyler Close wrote: On 6/13/05, Heikki Toivonen [EMAIL PROTECTED] wrote: Me and a few others have expressed some doubts about getting petnames into the default Mozilla installation. In that email, you prefaced your comments with the admission that you hadn't actually used the petname tool

Re: Is there a Mozilla security process?

, though. I'd have to search the list how we dealt with disagreements, but since I can't remember it off the top of my head, which indicates (at least to me) that there hasn't been that many. -- Heikki Toivonen ___ Mozilla-security mailing list Mozilla

Re: Is there a Mozilla security process?

and cons * Any other things that would help in the evaluation. -- Heikki Toivonen ___ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security

Re: Unprotected login `Hall of Shame` and on TrustBar, privacy, etc.

of the real login. -- Heikki Toivonen ___ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security

Re: Is there a Mozilla security process?

theme of the browser and user sharing a secret might be accepted, but due to some of the weaknesses I listed above I doubt petnames as is would make it into default Mozilla. -- Heikki Toivonen ___ Mozilla-security mailing list Mozilla-security

Re: Is there a Mozilla security process?

with Mozilla CA policy. And the CA policy is about security - trust is a large part of security work. -- Heikki Toivonen ___ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security

Re: Low security SSL sites

/show_bug.cgi?id=247830 https://bugzilla.mozilla.org/show_bug.cgi?id=247969 -- Heikki Toivonen ___ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security

Re: about bug 286107 : Remember visited SSL details and warn when changes, like SSH

number wouldn't be very useful. -- Heikki Toivonen ___ Mozilla-security mailing list Mozilla-security@mozilla.org http://mail.mozilla.org/listinfo/mozilla-security

Re: document.domain and XmlHttpRequest object security problem

I thought there was a bug filed for this, but was unable to find it now. Please file a new one (product Browser, component XML). Maikel Nait wrote: Hi all. We are trying to port an explorer-only web application to Mozilla/Netscape, using among other things the XmlHttpRequest object similar to

Tools we have tried, and other kinds of tools, Was (Re: We need abetter flaw finder...)

can be security problems. -- Heikki Toivonen

Re: Thawte FreeMail cert not working for email signing

any hint ? thanks ! -- Heikki Toivonen