RE: petname implementation recommendation proposal

Rachna Dhamija wrote:
> By what measure?

I think if we make any reasonable effort to quantify the user effort involved in correctly distinguishing a known site from an imposter using the hostname display versus the petname display, we will find an advantage for the petname display.

On each repeated visit:

For the hostname display, the user must remember the exact hostname used by the known site and perform an exact character-for-character match against the string presented by the hostname display.

For the petname display, the user must check that the petname display is enabled and displaying a petname that looks like one they would have assigned to the known site. If the petname looks more or less right, it is exactly right.

On initial visit:

For the hostname display, the user must study the hostname display and commit to memory the exact string being displayed.

For the petname display, the user must type in a short mnemonic of their own choosing.

For multi-hostname sites:

For the hostname display, no indication is provided that a newly encountered hostname has any relationship with a previously known one.

For the petname display, when the site's certificate creates a binding between hostnames, the petname assigned to the previously encountered hostname is displayed.

What's hard:

I believe the following are hard tasks for users:
        - exactly remembering a string chosen by someone else
        - correctly performing a character-for-character match of a presented string against a remembered string
        - correctly searching for information that is not presented

I believe the following are feasible tasks for users:
        - approximately recognizing a presented string as one chosen in the past

Conclusion:

The petname display substitutes feasible user skills where the hostname display requires infeasible ones.

Again, I'm not saying the petname tool is perfect as is, but it's better and moving in the right direction and I think I know what the next steps are.

--Tyler

Received on Wednesday, 19 March 2008 15:45:45 UTC