[TrustBar] Feature request

Amir Herzberg herzbea at cs.biu.ac.il
Thu Mar 10 01:58:46 EST 2005 

Ram, that's exactly what the `trust only this identification` option in 
the dialog is supposed to do and convey... doesn't it work for you?

Best, Amir

Ram A M wrote:
> Amir,
> 
> Thanks for the reply.
> 
> I am looking for a new option in the dialog box. Specifically when I
> reach a site whose certificate is trusted by the browser software but
> whose root CA policies do not meet my criteria for ecommerce I wish to
> be able to tell trustbar that I trust that site certificate explicitly
> but I still want to be prompted when presented different certificates
> anchored in the same root CA.
> 
> To illustrate by example consider the case of a website that uses TLS
> to protect access to the site - perhaps they wish to use the opacity
> feature of TLS to enable a protected username / password login. I may
> decided that while the CA that issued that certificate isn't high
> enough quality for me to trust them to identify my bank I may be ok
> with trusting them to identify this particular site. In this scenario
> I don't want to face the trust dialog box each session with the site
> but I also don't want to ever trust that root CA without evaluating
> the risk for myself.
> 
> ram
> 
> 
> On Wed, 09 Mar 2005 17:44:52 +0200, Amir Herzberg
> <herzbea at macs.biu.ac.il> wrote:
> 
>>Ram: do you mean you want TrustBar to help with a site certified by a CA
>>not in the list of trusted CAs in the browser? I'm not sure this is a
>>good idea - this will make TrustBar change an internal browser control.
>>
>>Or, do you mean, that when you reach a site whose cert is signed by a CA
>>which you don't fully trust, you want to tell TrustBar `ok, use this
>>cert, but don't automatically trust this CA`? If this is what you mean,
>>then this option already exists; in the dialog, you simply select `trust
>>this identification by...` (name of CA). In fact, this is supposed to
>>(become/be) the default.
>>
>>Is this what you wanted? Do you think we should change the text?
>>
>>Thanks, Amir Herzberg
>>
>>Ram A M wrote:
>>
>>>Hey there,
>>>
>>>Thought I'd drop in a feature request as I've found myself in need.
>>>I'd like to see an additional button/feature in the trustbar pop-up
>>>"trust this cert only." This would have the equivalent effect to
>>>installing that cert into the local trust store (root list). The value
>>>to the user is to enable trusting of SSL for a not particularly
>>>sensitive site that has a cert issued by a CA I'd rather not trust for
>>>banking.
>>>
>>>What do you think?
>>>
>>>ram
>>>_______________________________________________
>>>TrustBar mailing list
>>>TrustBar at mozdev.org
>>>http://mozdev.org/mailman/listinfo/trustbar
>>>
>>>.
>>>
>>
> _______________________________________________
> TrustBar mailing list
> TrustBar at mozdev.org
> http://mozdev.org/mailman/listinfo/trustbar
> 
> .
>

More information about the TrustBar mailing list