[cap-talk] A petname toolbar for Firefox

Jed at Webstart donnelley1 at webstart.com
Fri Feb 18 20:35:22 EST 2005 

At 12:30 AM 2/18/2005, Tyler Close <list at waterken.net> wrote:
>Last year, I had the privilege of working with Chip Morningstar, and 
>learned much from him. One important piece of knowledge was his saying: 
>"You can't tell people anything!". To truly understand something, people 
>need to experience it for themselves.
>
>Following this advice, I've built a petname toolbar for Firefox, so that 
>everyone can actually use it. Hopefully, we will all gain experience and 
>improve our discussion.
>
>You can find the petname toolbar for Firefox at:
>
>http://www.waterken.com/user/PetnameToolbar/
>
>Let's all try it and discuss it here on cap-talk before telling others 
>about it. I'd like to get something very polished before spreading much 
>beyond the cap-talk list.

Good idea.  Thanks for setting this up Tyler!  Here's my initial experience:

1.  I needed to allow www.waterken.com to install the software.

2.  I ran into a problem that the Petname Toolbar 0.1 could not be 
installed because it is not compatible with this version of 
Firefox.  (Petname Toolbar 0.1 will only work with Firefox 
1.0).  Apparently I've been using Firefox 1.0 Preview Release for some 
time.  Thanks for the nudge to update ;-)

3.  In following the instructions on the above Web page it was a little 
awkward in that the Petname toolbar wasn't named and just appeared as a 
blank form window.  There was nothing "Petname" about it, though if I can 
figure it out I guess others can.

...  Now having gotten some experience with this Petname toolbar, here is 
the thought that most strikes me:

To get effective protection from such a mechanism I believe it important 
that there be some mechanism to warn a user if they enter data into a site 
that is "untrusted".  Of course I understand that there are trust issues 
even to reading data.  Perhaps one should have the option of being warned 
about even viewing data from untrusted sites, but I definitely think there 
should be an option (which I believe should be the default) for getting 
warned about submitting data to an untrusted site.

On the implementation side I want to know how the binding between the 
Petname and the site actually works.  If the sites certificate is changed 
will it become untrusted?  R.e.:

On Feb 18, 2005, at 8:36 AM, Ka-Ping Yee wrote:
 >  There's one thing i
 > don't understand, though.  Why do you store the petname keyed by
 > the root CA's fingerprint instead of the site's fingerprint?
 > (I see that you still use the domain name so that different
 > domains signed by the same CA are distinct, but i don't see why
 > the CA's certificate needs to be involved at all.)

I'd be interested to know how Ka-Ping Yee figured the above out.  It wasn't 
obvious to me.  In the above case then it would seem that the Petname 
binding will still 'expire' when the CA certificate expires.  E.g. it seems 
that many of the Verisign CA certificates expire in 2028.  I guess your 
attitude is that if things last that long then you will be delighted?

Thanks for putting something out there to make this discussion more 
concrete Tyler!

--Jed http://www.webstart.com/jed/

More information about the cap-talk mailing list