[cap-talk] Firefox breaks the principle of identifiability
marcs
marcs at skyhunter.com
Tue Feb 8 12:03:47 EST 2005
> > Ian G wrote:
> > > You need more than just pet names. The central
> > > issues surround the domain as a trust vector,
> > > and its relationship to the certificate. If the
> > > domain matches ("is signed by") the cert, then
> > > it is accepted, and that domain is good.
> >
> > Huh? How is it that Pet Names don't solve this problem?
> >
>
> Firstly, as above, the browser needs to index from the cert,
> and currently does not. (I'm not sure what amount of work is
> required for this, but I'd anticipate some work there.)
>
> Secondly, petnames may "solve" the problem in theory, but are
> not as well as logos. The ergonomics of graphical
> presentations work much better than just words.
> Intiutivelly, just looking at the research done on the
> graphical presentations indicates that, and there's been no
> research done on the effect of the petnames to my knowledge.
>
> The main issue here is that petnames are just one idea that
> could assist. What will be required is experimentation along
> different lines, trying petnames along side other methods.
And pet icons should be introduced into the mix as well. In CapDesk, users
pick both a pet name and a pet icon for an application. The pet icons
exploit the value of graphical presentations too.
--marcs
More information about the cap-talk
mailing list