Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

He wants to kill those options. Not all the options. I don't think that was a good-faith response.

Can you defend the SSL 3.0 and TLS 1.0 checkboxes?



But he does want to kill plenty of these options. Thats why he constantly remarks about Addons, as if a Firefox addon should be able to globally disable JavaScript. It's the fault of this article: he constantly implicates that because something is an overly niche option, it should be done away with completely, instead of just removing it from the UI.

Certificate manager in an addon? What?!


The certificate management interfaces of every mainstream browser are so bad that they actually harm Internet security. They all need to be replaced. Add-on cert management interfaces sound peachy to me.


The point here being that you should not delegate cert management to an addon. Addons have no business being exposed to any of that, they need to be sandboxed in and restricted.

And yes, they are so bad to the point they are harmful, but the only reason they are in there is because Firefox has it's own certificate store, more of a portability quirk than anything.


The certificate UX for other browsers is no better.


Okay, but he didn't comment on the possibility of putting it in a hidden preference screen available by URL only. He hasn't explicitly commented on the middle ground between preference screens available from the menu and add-ons, so it's not fair to say that he's claiming it should be done away with completely.

His point was, and I agree with it, that a mass browser does not need to expose cert management in a way that the 99.9% can access it because it's likely to cause more harm than good for anyone who is not capable of jumping through a few extra hoops to get to it.


I'm sorry, but the answer isn't to remove options that often make sense. You don't want to be like the Gnome guys, who in the guise of making things "user friendly" removed often extremely useful functionality.

Like removing the certificates manager. Or cache control. Or the ability to restrict cookies. Or JavaScript. Or the ability to turn off menubars, should you so desire to do so (kiosk mode). All of these things are used by people. Just because he doesn't like it, doesn't mean others don't want it.


For what it's worth, some versions of the web interface for VMWare Server 2.0 will not work without disabling SSL 3.0.


File a bug in Bugzilla in the Evangelism component asking Mozilla to chat with the VMWare folks, and file another bug against the browser requesting a fix for whatever autodetection prevents it from falling back to some other protocol.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: