Firefox/Feature Brainstorming:Security: Difference between revisions

Firefox/Feature Brainstorming:Security (view source)

Revision as of 23:50, 18 October 2006

3 bytes added , 18 October 2006

no edit summary

Warphaui

2

edits

@@ Line 43: / Line 43: @@
 ** Consider intergration with something like PhishTank [http://phishtank.com]
 * Multi-provider support for local list checking (depending upon provider demand)
-* new approach: allow certificate whitelisting. Organizations could sign certificates not just (as today) in order to confirm the identity but to confirm that a web site belongs to the "good guys". Users could mark the certificate of such an organization as trustworthy. When displaying a site which has been approved that way the browser should mark it somehow (a green address field e.g.). This is just an infrastructure idea. If Firefox supports that people will start to offer whitelists. Whitelisting makes more sense than blacklisting - it's easier and safer. There are rather few web sites which are potential phishing targets so it should work.
+* new approach: allow certificate whitelisting.
+** Organizations could sign certificates not just (as today) in order to confirm the identity but to confirm that a web site belongs to the "good guys". Users could mark the certificate of such an organization as trustworthy. When displaying a site which has been approved that way the browser should mark it somehow (a green address field e.g.). This is just an infrastructure idea. If Firefox supports that people will start to offer whitelists. Whitelisting makes more sense than blacklisting - it's easier and safer. There are rather few web sites which are potential phishing targets so it should work.
 </td><td>
 certificate whitelisting - in German [http://www.hauke-laging.de/ideen/bsi-zertifikatsplugin/]