The number of posts on this blog hasn't been large recently, and it's not about to increase, as I am off to China for three weeks from Sunday. Anything urgent and Mozilla-related should go to Frank Hecker (hecker at mozillafoundation.org).
My neck, thank you for asking, is doing very well. Because the top layer of skin has come off and there's no hair growing any more (don't women pay lots of money to have that done?) it's lovely and smooth, and in good shape. The redness is fading fast.
The next set of photos are up on the radiotherapy page.
I've made really good progress this week. Up until my appointment on Thursday, I was still wearing the Geliperm and so on, but then they changed it for something lighter. Most of the top layer of skin has peeled off on the top of the shoulder, but what's left is in good shape and the redness is fading fast. It's going to be a little while before the hair grows back, though.
People keep asking me when I'll know whether all this trouble and inconvenience did any good - the answer to which, of course, is 'not until the Second Coming'. If the cancer doesn't come back in that area, well it might not have anyway. And if it does, well it might have come back earlier without the treatment. Or it might not. It's impossible for us to tell. I might be tempted to despair, if I didn't know that a loving, ruling God who cares about me personally was watching over the whole thing...
Firefox 2 on Linux - anyone else see title-attribute-based tooltips not working (e.g. hyperlinked bug numbers in Bugzilla comments)? I did a reduced test case and they just plain don't display when I mouse over and wait.
Of course, any search to try and find the problem is swamped by lots of posts complaining about alt-attribute-based tooltips (correctly) not working...
Instead of inflicting what are now fairly nasty pictures of me onto the whole world (including MozillaZine Feedhouse) without warning, I've now moved the radiotherapy account to its own page on gerv.net - please see there for this week's photos and account.
The summary is that my skin's a bit of a mess, but now the treatment is ended it will hopefully be getting better. And I have a cold too :-(
My latest Times Online article, "Open secret: how Firefox 2 was born", is now available. The title they gave it is perhaps a little over-expansive; it's a quick look at a few of the (minor) downsides to being an open project.
For some time, the Mozilla Foundation has been taking part in a group called the CA/Browser Forum (CABF), an association of the major public-facing CAs and all the major browser-makers except Apple.
Currently, there is no minimum level of validation which is done before a certificate is issued, leading to the existence of "domain control only" certificates, which have no information in them about the party to whom they are issued. Such certificates have some uses, but are not recommended for e-commerce. Other CAs claim to do more vetting - however, their methods are trade secrets and there is no standardisation. However, the current browser presentation of all certificates is the same padlock icon.
The aim of the group is to develop a new, higher standard for the validation which is done before certificate issuance, called Extended Validation. The idea was that such certs would be presented differently in the UI, to give the CAs a reason to go to the extra effort, and to give customers a reason to buy them. In IE 7 at least, the use of an EV certificate is tied to the green background in the URL bar.
The Foundation representatives have so far not made a commitment to the CABF on the exact timing or nature of our support for EV. This includes the UI.
The guidelines have been developed via a very long and drawn-out process, including several face-to-face meetings with competing specifications from different groups of CAs over the past two years. Eventually and quite recently, a Microsoft employee synthesised a unified specification, which has now been made available for public comment.
While the CABF website has a public comment procedure, I suggest it would be best for the Foundation to try and come to a consensus within the project first. We need to decide whether EV will make a material difference to the reliability of information in certificates and, if so, whether that warrants a different UI presentation for EV certificates. It would also be good to have a more general discussion about how we present security information to users. Ideally, I would be able to give any feedback to the editor before November 19th, after which there may be another vote on adopting the updated specification. Please join the discussion in the mozilla.dev.security newsgroup.