Re: Browser security warning

>>  I think the safest default behavior for a browser that receives a
>> self-signed cert is to show an error page.  The message should tell
>> the user to contact the site's administrator to ask them to fix the
>> problem.
Stephen Farrell wrote:
>
> The main point is that naively differentiating between a "secure"
> state (padlock) and an insecure one (no padlock) isn't very effective.
> I don't believe that changing from that binary approach to an N-ary
> one, where the N options map to TLS state-machine states will be any
> more effective. We need a subtler mix...

   I agree that the padlock isn't effective.  I'm also against an N-ary
approach.  Having sites with self-signed certs appear with an HTTPS in the
address bar adds a new category users have to understand.

   I'm for having only one level of security (not the current two
states)---you either reach the site in the address bar at the security level
the site has deemed appropriate, or you don't reach it at all.

Received on Wednesday, 27 December 2006 20:53:44 UTC