Open
Bug 1226847
Opened 9 years ago
Updated 2 years ago
Remove key bits from Security tab of Page Info
Categories
(Firefox :: Page Info Window, defect)
Firefox
Page Info Window
Tracking
()
NEW
People
(Reporter: emk, Unassigned)
Details
Attachments
(1 file)
3.82 KB,
patch
|
Details | Diff | Splinter Review |
- This is redundant. Cipher suite names will contain the key bits. - This is misleading. People tend to think 256-bit is always better than 128-bit.
Attachment #8690389 -
Flags: review?(dolske)
Comment 1•9 years ago
|
||
Comment on attachment 8690389 [details] [diff] [review] patch Seems ok at a glance, but Tim can think more about it.
Attachment #8690389 -
Flags: review?(dolske) → review?(ttaubert)
Comment 2•9 years ago
|
||
Comment on attachment 8690389 [details] [diff] [review] patch I'm not convinced that the page info dialog is something we'd want or should tweak at this point. Also, how big is the group of people that might think 256-bit keys are always better than 128-bit ones, but doesn't know about algorithms? And how big is the group of people that uses the page info dialog that doesn't know? Anyway, I think Tanvi is a better person to judge whether we'd want to change this.
Attachment #8690389 -
Flags: review?(ttaubert) → review?(tanvi)
Comment 3•9 years ago
|
||
(In reply to Tim Taubert [:ttaubert] from comment #2) > Comment on attachment 8690389 [details] [diff] [review] > patch > > I'm not convinced that the page info dialog is something we'd want or should > tweak at this point. Also, how big is the group of people that might think > 256-bit keys are always better than 128-bit ones, but doesn't know about > algorithms? And how big is the group of people that uses the page info > dialog that doesn't know? > > Anyway, I think Tanvi is a better person to judge whether we'd want to > change this. Isn't more information better than less information? Sometimes both 128 and 256 are listed in the cipher name. I don't know what are plans are the Security pane in Page Info. But the people who read the "Technical Details" section are likely very technical. I don't really care either way if we keep or remove the bits. Maybe some technical users ignore the cipher and just look at the bits, and maybe some look at both? cc'ing more people to see if they have an opinion.
Updated•9 years ago
|
Attachment #8690389 -
Flags: review?(tanvi)
The information "128 bit keys" is not so useful (and indeed, potentially misleading) without knowing the specifics of the ciphersuite (and the certificate chain, to be complete). I'd say it would be an improvement to remove it. An even better improvement would be the ability to actually select and copy the ciphersuite in the info dialog there.
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•