Re: [Fed-Talk] Forcing Safari to use Email Cert
Re: [Fed-Talk] Forcing Safari to use Email Cert
- Subject: Re: [Fed-Talk] Forcing Safari to use Email Cert
- From: Dan Morrison <email@hidden>
- Date: Tue, 13 May 2008 16:38:53 -0600
As a SW Engineer (working as a Systems Engineer), I completely
understand the reasons that engineers should follow standards, and not a
common implementation of the standard. A large part of my professional
life revolves around how people choose to implement the IEEE-1278.1
standard, and the challenges of mating differing implementations.
I guess my issues with Apple's implementation of this (with the caveat
that my understanding of the underlying standards is limited to the
current conversation) are:
1) Apple provides a method to specify certs, but places it in Keychain,
when the users' interaction with websites is through Safari. Providing
a preferences UI in Safari to view and modify the Safari-related
Keychain preferences would remove a level of difficulty for users, while
maintaining the "purity" of Keychain. There is no reason that multiple
client apps cannot allow the user to explicitly modify the Keychain
database (Safari certainly modifies the database implicitly).
2) When I go to a site requiring a cert, Safari sends a cert, but does
not (as far as I can tell) tell me it is sending a cert or which cert it
is sending. Adding an "Alert user prior to sending a certificate" with
a "Never show again for this site" option would provide a useful level
of visibility.
-Dan
Timothy J Miller wrote:
On May 13, 2008, at 1:51 PM, Boyd Fletcher wrote:
so the users get screwed because a bunch of s/w engineers want to be
idealists. that's silly, for an operating that is well known for its
ease of
use, the fact that this is still not working in an acceptable manner is
inexcusable. operating systems and software exist solely to make people's
lives easier and more efficient. they serve no other useful purpose.
On the other hand, requiring the s/w engineer to accommodate all the
idiotic things the sysadmin can do makes the code bloated, unreliable,
and unsupportable.
Which *also* harms the user.
Which side wins?
rock * hardplace
^-- You are here.
-- Tim
------------------------------------------------------------------------
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden