[Pkg-mozext-commits] [SCM] perspectives-extension branch, debian, updated. 4.2-4-136-gd6962eb

[Dave Schaefer]

The following commit has been merged in the debian branch:
commit c3eedeb74ad8cb90e17a17148093fbddee022405
Author: Dave Schaefer <dave.schaefer at gmail.com>
Date:   Sun Jun 10 23:06:07 2012 -0700

    Documentation - Clarify sentence
    
    Should read "an attacker must be on all network paths between you and a notary".
    Thanks to one of our translators for catching this! :)

diff --git a/plugin/chrome/locale/en-US/help.dtd b/plugin/chrome/locale/en-US/help.dtd
index 595aa05..3f64f7e 100644
--- a/plugin/chrome/locale/en-US/help.dtd
+++ b/plugin/chrome/locale/en-US/help.dtd
@@ -2,7 +2,7 @@
 <!ENTITY h3whatisPerspectives "What is Perspectives?">
 <!ENTITY whatisPerspectives "Perspectives helps prevent 'Man-in-the-Middle' attacks against HTTPS communication by verifying the authenticity of the server's SSL public key. This is particularly important when you connect to websites that have 'self-signed', mismatched, or expired certificates, which cause Security Errors and prevent you from connecting to some HTTPS websites.">
 <!ENTITY h3howDoesItWork "How Does it Work?">
-<!ENTITY howDoesItWork "Perspectives builds on the fact that most of the time the Internet works correctly. When attacks do occur, they are likely to be either limited in scope (e.g., a single compromised router) or limited in duration (since large attacks can be more easily detected). Perspectives uses periodic network probing from many vantage points across the Internet to help your browser detect both types of attacks.  A set of machines called 'network notaries' scattered across the Internet and run by academic researchers periodically probe each server to request its current public key. When your browser needs to authenticate a key, it asks each network notary for the keys they have seen the server using over time and verifies that these records are consistent with the key they received.  Thus, in order to fool your browser into accepting an invalid key, an attacker must be on all network paths between a notary and have compromised those paths for a significant amount of time such that the key change is not deemed suspicious. In this way, Perspectives implements a type of lightweight PKI with network probes from multiple vantage points taking the place of manual verification performed by certificate authorities (e.g., Verisign).">
+<!ENTITY howDoesItWork "Perspectives builds on the fact that most of the time the Internet works correctly. When attacks do occur, they are likely to be either limited in scope (e.g., a single compromised router) or limited in duration (since large attacks can be more easily detected). Perspectives uses periodic network probing from many vantage points across the Internet to help your browser detect both types of attacks.  A set of machines called 'network notaries' scattered across the Internet and run by academic researchers periodically probe each server to request its current public key. When your browser needs to authenticate a key, it asks each network notary for the keys they have seen the server using over time and verifies that these records are consistent with the key they received.  Thus, in order to fool your browser into accepting an invalid key, an attacker must be on all network paths between you and a notary and have compromised those paths for a significant amount of time such that the key change is not deemed suspicious. In this way, Perspectives implements a type of lightweight PKI with network probes from multiple vantage points taking the place of manual verification performed by certificate authorities (e.g., Verisign).">
 <!ENTITY h3preferences "Preferences">
 <!ENTITY preferencesIntro "This section helps you understand the configuration parameters you can control via Perspectives' 'Preferences' panel.">
 <!ENTITY securitySettings "Security Settings: What is Quorum and Quorum Duration?">

-- 
perspectives-extension