For those of you who have not seen the blog by the IE7 product team, you may want to check it out. In particular, I found a post on their plans (or lack of) for making SSL more secure in the new browser. While they don’t say what they will be doing to make sure users have an easy way to validate SSL certificates to reduce phishing scams, they are at least thinking along the right lines.
I am very curious to see what they come up with. This is no small task they are trying to accomplish and will take some very good UI design to be unobtrusive yet effective in alerting users to the possibility of fraudulent sites.
They also give some good advice we all should be using to ensure that SSL protects our users. Those of you that work for financial companies may want to pay special attention.