Jennifer Sobey
Studies have shown that many users have a tendency to ignore security indicators in web browsers because they are focusing on their primary tasks rather than on security. There is also evidence that many users do not fully understand the concept of certificates. With the introduction of Extended Validation SSL certificates, the question remains of whether or not web browsers can find a way to integrate support for these new certificates that will be useful in combating phishing and Internet fraud.
The CA/Browser Forum consists of Certification Authorities (CAs) and many of the popular web browser software vendors. Browsers such as Internet Explorer 7.0 and Firefox 3.0 are beginning to provide features that support the new certificates. While we feel that many of their ideas are a step in the right direction, we wanted to evaluate how users will react to these changes and investigate whether or not there are further improvements that could be made. This talk will describe the early results of a user study we conducted based on Mozilla's beta version of its newest version of Firefox.
More information regarding the CA/Browser Forum can be found at: http://www.cabforum.org