A proposal of https certificate assignment system for luci
Alberto Bursi
bobafetthotmail at gmail.com
Tue Oct 6 17:00:42 EDT 2020
On 06/10/20 19:43, Michael Richardson wrote:
>
> Training users to click through those warnings is exactly what browser makers
are trying to avoid, and browser makers have been trying to make the
exception harder and harder to find. Many would like it removed.
And, for good reason, because it is almost always inappropriate for most
non-technical users to do that. [Children, (grand)parents, etc...]
What are childern and grandparents or non-technical users doing with a
network device's administration interface? There is nothing for them
there, most functions are well above their understanding of the device
and network, they can break configuration, lock themselves out from
Internet access, or disable security settings.
The device interface even on a normal router or NAS is actually accessed
only by people that have some idea of what they are doing, or tinkerers
that are playing with it, or power users that use it in a more
professional way.
Which is why I'm saying the warnings and clicking the buttons are fine,
because the audience is a specific subset of the population.
Grandma, kids, non-tech-savyy people and whatnot will have someone, the
so-called "friendly family nerd" or an actual specialist that will set
up the device for them.
> So, honestly, anyone that needs screenshots to figure it out, should
never be clicking through the links.
new generations of power users still need to learn from somewhere.
> So, just to be clear, are you saying that we should design openwrt to only be
> useable by developers?
The right word is "power users" or "prosumers".
They aren't developers, they may not be network administrators either,
but they know enough about the concepts to work on the devices in a
relatively safe manner.
You don't seem to acknowledge that to get OpenWrt on your device, you
must void warranty and install a custom firmware, taking risks and
assuming responsibility of their actions. These aren't your kid or
grandma or plumber or random commoner.
> Home routers are critical parts of the home IoT ecosystem.
> OpenWRT is shipped in millions of devices by manufacturers too lazy to bother
> doing much.
afaik the only devices where OpenWrt is shipped and the manufacturer
does not care are random chinese junk routers/APs on Aliexpress, and I
don't see why should anyone here care about that, also because they
usually ship Chaos Calmer release (i.e. a 5-ish year old unsupported
release at this point) without SSL enabled anyway.
Do you know of some other specific examples?
-Alberto
More information about the openwrt-devel
mailing list