[sugar] Preparing for the feature freeze

Eben Eliason eben.eliason at gmail.com
Thu Jun 5 10:24:05 EDT 2008


On Thu, Jun 5, 2008 at 10:14 AM, Benjamin M. Schwartz
<bmschwar at fas.harvard.edu> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Eben Eliason wrote:
> | On Thu, Jun 5, 2008 at 12:36 AM, Michael Stone <michael at laptop.org> wrote:
> |> On Tue, Jun 03, 2008 at 11:03:44AM +0200, Marco Pesenti Gritti wrote:
> |>> * Browser bookmarks and autocompletion. - priority 3
> |> I'd really like to see some progress on #542/#5534 (deal with
> |> non-standard SSL certificate authorities). This is going to become a
> |> bigger and bigger stumbling block the longer we wait. Surely we could
> |> manage some sort of 'accept this cert' button? (Keep in mind the
> |> possibility of another G1G1 coming our way in the foreseeable future.)
> |
> | I think that a non-modal alert (akin to those used for downloads)
> | would suffice.  Toss up buttons for "view", "cancel" and "accept", with
> | the first of these presenting a modal alert with the detailed
> | certificate information, and we'd be set.
>
> I don't understand this at all.  If a site offers an invalid/untrusted SSL
> certificate, it should simply be accepted silently.  The user should have
> the same experience as if the page were not using SSL.
>
> We know from experience that users do not know how to interpret the
> certificate warning, and simply learn to click on the button that allows
> them to continue.  Presenting them with an incomprehensible warning, and
> then indicating that the connection is secure, is not good security, and
> not good UI.

Yeah, I prefer this solution, actually; I thought for some reason it
wasn't acceptable to some, but maybe I'm wrong.  It's also (I'd think)
an easier one to implement.  What we should focus on instead, if we
choose this direction, is providing an indication for secure sites.

- Eben

