[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-devel
Subject: Re: ssl auth failure gui: does "continue" do what I think it does?
From: Jeff Mitchell <mitchell () kde ! org>
Date: 2009-06-09 17:49:16
Message-ID: 4A2EA09C.4060506 () kde ! org
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
Thiago Macieira wrote:
> I would prefer the paranoid Firefox way in all web browsers. Then users
> complained to the websites -- or the webmasters noticed the problem -- and
> someone fixed the issue.
>
> But I agree with you that we can do this with two clicks, a nasty error
> message and forcing the user to review the certificate. Like:
>
> "The website you're trying to connect to is using a certificate that
> contains errors:"
> "The certificate has expired"
> "The certificate is not signed by a trusted source"
> "The certificate is self-signed"
> "The certificate is not issued to this server"
> etc.
>
> "Review certificate and continue" "Cancel"
>
> Then show the certificate and ask:
> "Ignore errors temporarily"
> "Always ignore these errors for this certificate"
> "Cancel"
Yes, that looks pretty good. Possibly with links to a web page or some
help text describing things in more detail. Less advanced users may not
understand why self-signed certificates is an error (or even what they are).
> Maybe the first message could be shown in a webpage just like Firefox and
> now Konqueror errors. But the ability to show it in a dialog is necessary
> because of other SSL connections (like IMAP).
Showing it in a dialog in both cases is beneficial because you can not
only re-use the same dialog (so the user doesn't have to parse and
understand two methods of dealing with the cert), but the dialog can
share the same accelerators/hotkeys too.
--Jeff
["signature.asc" (application/pgp-signature)]
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic