Steve,

If you don't like seeing cumbersome security warnings for insecure https connections, how about not using https when what you really want is http in the first place?

Because I don't necessarily have the choice. When I'm reporting a bug on a given open source Trac, they often put https on them because they think it's better for them (and for them it is because they generated the certificate and so on), and there is no http version. Note that when I use https for myself, I import my CA in firefox, so I don't have a single warning, so I kind of know how to avoid them when I care about https. But there isn't always a plain HTTP alternative, and that is what makes it a real PITA.

Okay, you want to warn the user the https isn't secure, there are plenty of ways that don't require you to add an exception on a certificate. I spoke of the little lock, because that's what is even on IE, but please remember than when you browse trusted https, the URL bar is in this kind of yellow. Well, if the https is unsecure, just don't put that background. If you really want, you can add some kind of rosa color to mark that it's "bad" but it in a not too terrible way (in opposition to a broken/invalid certificate and where the URL bar should be blinking red with an air-raid like siren).

I repeat, the fact that the HTTPS certificate is self-signed never changes the fact that when a given user goes on this kind of https site, he wants to be there, and HE WILL click on the 5 silly steps of the SSL exception thing. So why bother ? It serve one single purpose: pissing users off.

And for what it's worth, I disagree with you, most of the people that are not computer related I know absolutely don't know they could think that http_s_ is more secure than http. Each time I give them an URL without the http:// part they ask, is this https or http ?, because they absolutely don't get the difference, and I don't try to explain it to them, because this would lead them to think https is better. Those kind of people only rely on visual helpers from the browser part. They really do.

PS: yes I also believe that bad security is worse than no security because it gives the illusion for people to be safe, and then they have bad behavior. When your condom is broken, things can go really wrong. But you missed my point, in the sense, probably because I'm too annoyed to make it clear inbetween rants. My point really was what I tried to explain, namely that if people don't know they should think there is security in the first place, your remark is moot, and for the other you can activate the different URL background, it's just fine. Of course, invalid certificates must remain a pain to go through, this whole thing is only about the untrusted ones.

Okay, following my irritated post I received (sigh) complaints about me being too harsh. So to these people here is what I say, because I'm tired answering the same thing over and over.

For starters, the SSL dialog in firefox is badly designed:

1. My mom doesn't grok it, so it totally fails the "corridor testing" (see JoelOnSoftware if you don't know what it is), stop pretending otherwise;
2. since it fails with the "average not very computer literate user", I, as an advanced user, believe to be representative of this kind of person, say and affirm that this UI is completely broken and horrible, not to mention counter-intuitive.

That said, I have other things to say on the form. Yeah I've been harsh, and I will continue to be about this issue: this has not been designed with the simplicity in mind, but by geeks (FSVO geek) that believe that it's important to educate people about how nice HTTPS is and that everyone should talk in S3kr3t because its 733t. And I'm sure they tried very hard to make it very painful for users to have to deal with HTTPS and not believe in it to be trusted for bad reasons. Why ?

• because geeks want to use https when possible ;
• but they care about it to be secure (FSVO secure);
• and that they want the whole world to do like them because they know the TRUTH.

HELLLOOOO PEOPLE this is the wrong way to do it. People are already aware that it is https, because they did typed https in the URL. And again, my mom doesn't know what the s in https stands for and she doesn't care. What she cares about is to see the small lock when she logs on her bank website, not even when she goes on her webmail. You REALLY want to make a simple UI ? Well, please try to explain and justify (with real arguments) Why on earth is https with an untrusted certificate less secure than http ?.

Okay I'll let you 3 seconds to think.

1
2
3…

What is your answer ? OH see ? it isn't. So now second 1€ question, why does it need to be more painful to use https with an untrusted certificate than plain http ?. Well, I don't have 3 seconds to give anymore, so let's jump to the answer: there is absolutely no reason.

See, I'm far from an UI expert, and what I use every day for UIs would revulse 99% of the planet: vim as an editor, awesome as a tiling window manager, vimperator for a browser, and I live most of the time in a terminal. But it takes me like 10 minutes to design what I believe to be an excellent UI for https with untrusted certificate: just don't mind the certificate and show it like plain HTTP.

YES I'M ANNOYED

That brings me to the last point. I see in my comments, and have received the same by mail, that I should not be harsh with people writing such a brilliant piece of software.

Well, the fact that firefox is or is not a good piece of software is totally irrelevant. When you claim no less than trying to reinvent the web, well, if you fuck up this big, you deserve it. No matter if it's a free piece of software or not. (or a piece of free software or not).

When you request your users to click on FIVE completely counter-intuitive buttons/urls to finally be able to see a webpage they want to see (and my mom doesn't care about the webmail being insecurely hosted, really), with the first screen being almost the same than what you get when a serer timeouts or 404, well, you're just out of your mind. There is absolutely nothing that can excuse such a bad design, and the SSL thing is a failure. I mean everyone is laughing at the vista way of asking you if you really meant to go pee, well I see no difference here, it's as dumb and inefficient.

No matter how much firefox did improved (and it did memory wise, believe me, I feel it, and I'm really glad about that), https is part of my everyday's life. Those five clicks are a real PAIN. When I'm reading documentation, browsing some sources, and so on, I go through this dialog about 3 to 10 times in a row. I'm totally unimpressed, and just because a couple of geeks believed that it was GOOD™ to educate me about how dangerous untrusted certificates are, I have to break my workflow to grab my mouse in the middle of my work. No sorry, I don't really want to be calm.

In fact, what annoys me the most, is that I'm a programmer. And as a programmer, the worst thing to me, is regression. Regression is what happens when you're sloppy, and don't test your program enough. It's what happen when you aren't good enough to keep your concentration, and don't see the big picture, and constantly break your program invariants. So when I see a regression that people did on purpose, well, it shocks me beyond what I can explain with words, that's the worst thing you can do to a piece of software. I won't really mind a new feature that only partially works, I won't mind if a feature that is complicated to write isn't there after 5 years dreaming of it, but this ? I do mind. There is no way to consider that ruining a piece of software like that to the name of A Greater Good is excusable.

Oh and last words: wanting to educate people this way is a way worst offense that what I will ever say on the subject. Such a condescending approach to what they think of their users reminds me of various journalists that I met, and that when I tried to rephrase some things so that they can write about it to their readers, answered to me oh you know, they're too dumb, they'll never understand. And as a result, articles or interview are always distorted, can't interest the readers that don't care about the subject a lot, because there's nothing captivating in the article, and is totally inexact and uninteresting to people interested in the matter, because it's void from its substance. Well, the SSL dialog gives me the very same impression: it's annoying to me who knows what a SSL certificate is, and my mom won't know a single bit more what an SSL certificate is and why she should care^[1].

Yes Stefano, I too believe that the SSL certificate thingy in Iceweasel 3 is just a bad joke.

I mean WHAT THE FUCK WERE THEY THINKING ? At least in the RCs it improved, and the logo isn't the same as 404, it took me 10 refresh the first time I saw it to understand that it was not a 404 but an untrusted self-signed certificate.

And the whole "exception" thing is absurd. NO I DON'T WANT TO ADD AN EXCEPTION you morons. Here would be a good UI, that I never saw implemented in any browser but would make sense:

• I want to browse the damn site, that you remember for me the current certificate, and browse without pretending it's safe (this way users do not believe to be protected when they are not).
• Next time I go to that website again, if the untrusted certificate changed, then and only then I want to be bugged about the fact that this website changed its certificate.
• I don't want any popup, anything, no "yellow" background in the URL (as the certificate is not trusted) no nothing, just browse it as if it was plain HTTP wrt the UI.

It's enough for 99.9% of the users.

Then, some of us really care about importing some untrusted certificates (for our own webmails e.g.). Then well, a small button that allows advanced users to check, import, and mark an untrusted certificate as trusted is just what one needs. One can even hide that in some menu, it would be fine. I for example, have only checked the SSL certificate from my webmail and something like 3 or 4 websites. I do NOT want to be bugged for the other.

But no, instead we have this completely delirious interface that no-one can sanely call User Interface. They're on crack.

Anyways, here is a way to make your pain easier, either in about:config or in your ${HOME}/.mozilla/firefox/${profile-with-name-on-crack-id}/user.prefs set the following values this way^[1]:

 user_pref("browser.ssl_override_behavior", 2);
 user_pref("browser.xul.error_pages.expert_bad_cert", true);

It makes validating a certificate two clicks away (one of the settings shows the 'add exception' buttons instead of showing a link to make them visible, the other settings makes firefox download the certificate for you so that you don't have to ASK HIM to do so^[2].

And you know the worst thing ? I'm sure the guy(s) who wrote this fucking dialog is(are) very proud of it.

 ┌─(1:55)────
 └[artemis] sudo dpkg --purge ion3 ion3-scripts
 [sudo] password for madcoder: 
 (Reading database ... 126510 files and directories currently installed.)
 Removing ion3-scripts ...
 Purging configuration files for ion3-scripts ...
 Removing ion3 ...
 Purging configuration files for ion3 ...
 dpkg - warning: while removing ion3, directory `/etc/X11/ion3' not empty so not removed.
 dpkg - warning: while removing ion3, directory `/usr/lib/ion3/lc' not empty so not removed.
 Processing triggers for menu ...
 Processing triggers for man-db ...
 sudo dpkg --purge ion3 ion3-scripts  1,25s user 1,19s system 12% cpu 19,539 total

AAAAAAAAAAAAAAHHHHHHHHHHHHHHHHHHHHHHHHH I feel better now.

I'm right now a proud awesome-3-git user. The current git version has 90% of what I used in ion3. I mostly mis tabs, but I'm almost already used not to have them anymore, tiling is way better after all, and there are pure lua implementations of those around, just the current one are not nice enough (IMHO) but it can only improve. Another missing feature is autocompletion in the launch command / ssh to / ... menus. But I assume this would not really be hard to add.

OTOH there are already things that I like better in awesome: it's easier to extend than ion3, the widgets are a fantastic idea, it uses antialiased fonts, and so on. And layouts are a really clever idea for sure.

See here to see what it can look like.

With firefox3 entering unstable, it's now possible to upload firefox3 extensions.

Vimperator just entered unstable tonight, just enjoy it. For those not knowing about it, it's an excellent extension that gives to your firefox the vim look and feel. People that are already hooked to git will love it. Tiled window manager users usually love it.

The best feature it has is the so called “quick hints” feature. Type f in command mode, to have nice labels next to every link in the page. You can type some letter, and only links that contains those letters will have the hints, and you'll see something like this (I added 'mo' after having asked for quick hints like you can see in the ruler):

Dear Bastian let's fix your blog post.

Philipp thinks, the fact that rng is not using the information in /usr/share/bug renders rng “unfit for release” and upgraded the corresponding bugreport from wishlist to serious. Moreover: since I dared to downgrade the report back to wishlist he decided to remove rng from testing and block it until the bug is fixed.

s/Philipp/the Release Team/g. And yes, we believe that reportbug-ng goes against the Maintainers wishes, and doesn't help users that don't know how to report a bug (and which are rng audience unless I'm mistaken).

I don’t want to heat the debate about this bug again, but Philipp’s decision seems arbitrary for me and I wonder if the same standard is applied to every other Debian package.

It's not, it was discussed in the Release Team and was not Philipp on his own alone. And yes, the same standards of quality is wanted for every package in Debian.

I mean, rng has no release critical defects.

That's you claiming that, there have been really constructive remarks in both bug that we upgraded, and that I think explain wisely why the current reportbug-ng behaviour doesn't makes it a suitable reportbug tool right now. I think for example that Sam's and Michael Biebl contributions in both bugs are good explanations of what is wrong and why.

It just does not use the aforementioned scripts as additional information in bugreports — does this really render the software “unfit for release”?

Yes it does. Again, people that use rng are I think, less experienced users, who need guidance through the bug reporting process. The kind of users that often send annoying bug reports. Instead of lowering the annoyance factor, you aggravate it. In the end, rng makes the frustration higher, and totally fails to meet its primary goals: making bug reporting nicer, simpler, and more efficient for the Reporter and the Maintainer. While it's probably nicer for the reporter, you totally fail on the other part of the contract. And if you don't care about the Maintainer, then well, reportbug-ng is just a spam machine to them, and your careless attitude toward them is “unfit for release” for sure.