- From: Jeffrey Walton <noloader@gmail.com>
- Date: Thu, 18 Dec 2014 17:22:11 -0500
- To: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
- Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>, blink-dev <blink-dev@chromium.org>, security-dev <security-dev@chromium.org>, mozilla-dev-security@lists.mozilla.org
On Thu, Dec 18, 2014 at 5:10 PM, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > ... > Four proposed fine-tunings: > > A) i don't think we should remove "This website does not supply > identity information" -- but maybe replace it with "The identity of this > site is unconfirmed" or "The true identity of this site is unknown" None of them are correct when an interception proxy is involved. All of them lead to a false sense of security. Given the degree to which standard bodies accommodate (promote?) interception, UA's should probably steer clear of making any statements like that if accuracy is a goal.
Received on Thursday, 18 December 2014 22:22:38 UTC