Many Users don't know what PSM means. It would be nice if the installer popup a warning if the user decide to not install PSM.XPI We get many bugs from users who can't visit HTTPS pages. (see bug 47617 for the new Necko error message) "Warning: PSM is needed for SSL. If you not install PSM you are not able to visit HTTPS pages"
Changing all three installers to add pop up warnings when arbitrary components are deselected would be a fair amount of work. I'd prefer one of a number of simpler config.ini solutions we could do without changing the code. Off the top of my head the obvious ones are 1) change the component text. The name listed is already the expanded "Personal Security Manager" not PSM (for the benefit of folks reading the bug) but we could perhaps add "(required for HTTPS, etc.)" to the end of either the name or description. 2) Don't make PSM optional, always install it (the solution used by Netscape 6.x and my preference) I'm not sure why PSM is optional in the first place. It might just be historical, or there might be good mozilla.org reasons. Are there enough people who want the smaller non-crypto browser to justify the number of confused people? Especially in light of the number of people who download the tarball/zip versions with no optional pieces whatsoever?
I would agree to choice 1). Add something to the text. An alert would piss me off if I unselected PSM which I do on occasion if I just want to download an older build to test a rendering. Can we get something in for 0.9.8 ? Anything we can do to decrease the number of bugs filed on this would be great. More QA time can be spent on other bugs.
The current text was obviously not thought out AT ALL. Look at the Navigator description. does it just repeat 'Navigator' uselessly? Look at QFA... *clearly* explains what it does in 7 words. Can we s/crashes to Netscape/crash data to developers/ here? Even mailnews clarifies what it is, though E-mail really should be hyphenated. But that's another battle. PSM's current description is: Personal Security Manager (PSM) for crypto operations \----------1------------/ \-2-/ \-------3-------/ 1: Start off by wasting half the limited space we have by repeating what they just clicked on. 2: Now, waste 6 more chars of space giving an abbreviation for no reason 3: Now, say it's for something no user has ever heard of, or thinks they'll need. So of course there's people posting to the newsgroups daily asking why https doesn't work, or what the 'No socket' error is for. > 2) Don't make PSM optional No! I often skip PSM install as I update mozilla daily... saves some disk space (I usually have a month of old mozilla installs around, so *30) and download time. All 3 of the https sites I need to use are IE-only, so unless I know I'll need it for some reason, I skip it, and XPI it when I rarely end up wanting it. Also, there are ugly import/export problems with PSM, which a commercial product like Netscape can manage, but would be bad for Mozilla.org. Also, eventually, and ideally, there will be alternate SSL implementations. So, suggestions to make it more clear: Cryptography component - required for HTTPS, S/MIME, SSL, etc. support Crypto support, required to do SSL (HTTPS), S/MIME, and whatever Pick one or a combination of the above, and let's get this in, so we don't have another round of confused users for 0.9.8. Should I file a separate bug for the small QFA wording change?
I agree 100% with dveditz, and think the answer to his first question is "No". However, I'd hate to piss off these 2 guys, and #1 should be sufficient. Syd, I think this has a high bang/buck ratio, could we get some suitable text from Doc and substitute it?
dveditz, as I said in bug 47617, * HTTPS is optional because (as Timeless took a very long time to say) we want Mozilla to be distributable in places where HTTPS is unimplemented (e.g. QNX), unnecessary (e.g. some kiosks), or illegal (e.g. Iran). I think the *name* of the PSM component should be changed from `Personal Security Manager' to `HTTPS and S/MIME support' or similar. (I'm assuming you can't do anything useful with PSM if it's the only item you install.)
> I think the *name* of the PSM component should be changed [...] to `HTTPS and > S/MIME support' "Personal Security Manager" is a distinct product which includes things such as certificate management, etc, so I think the installer should continue to refer to it by its real name. HTTPS, and S/MIME are the sort of things that should go in the description field. (as shown in my suggestion, comment 3). Also, let's move PSM up one in the installer, so it's right after Navigator. Puting it after Mail & News makes it get lost in the rest of the bloat a lot of people don't want. They might see MailNews and just start unchecking everything after it figuring it's non-browser stuff.
The descriptions are getting re-worked in bug 123975. I'm trying to get an improved PSM description into that bug.
This bug also talks about moving PSM to a different location in the components list which I believe is of interest to ns so I'm adding greggl to the cc list.
PSM is invisible/required in commercial, so order and wording don't matter there. This Mozilla-only problem comes about because PSM is optional for the convenience of the extremely small (but exceptionally important) minority of people who download daily test builds. But for the hundreds of thousands of casual users who download milestone builds we'd like to make it unlikely or impossible for them to skip PSM because it just leads to confusion and complaints. I suppose another option would be to add the INVISIBLE attribute on milestone branches, and leave PSM optional only in nightly builds. That would be a pain to remember to do each cycle -- let's try rewording/reordering this component first and see if that helps.
I'll get things going on Windows.
Adding cotter for possible comment on PSM description.
I have no problems if we close this bug. We had no bugs reports in the last few weeks about a not installed PSM.
I guess if users aren't complaining, that is the ultimate test.