I'm having a discussion with the managing director of an organization  
that I'm the Web master for, about whether to put up information on  
the site about the site's security certificate having expired.

I'm dealing with the ISP, who has apologized, said they were changing  
SSL providers, they'll fix it as soon as they can, it won't happen  
again.

Meanwhile...

The managing director wants me to take down the page I put up about  
the situation.  She doesn't want to "draw attention to it" (the  
problem).

The organization is in the middle of registration for fall classes.

I am trying to explain that users who see the messages their browsers  
display, don't understand that the site is actually secure.  The  
messages alarm them.

I think we have to have some information on the site, so our users  
know that we are aware of the problem and dealing with it.  What I  
have on the page right now explains what's actually happening, that we  
are dealing with the problem, alternatives for registering, and our  
apologies.

She's concerned about the reactions of the people who come to this  
site for some other purpose than registering. She thinks they might  
get a bad impression of the organization from the page.

Does anyone have any information about the effects on user trust of  
messages about Web site problems and that they are being dealt with?  
Especially users who are not encountering the problem (because they  
are not registering).

Thanks.

-- Louise
[log in to unmask]

    --------------------------------------------------------------
        Tip of the Day: Forward out-of-office replies to
                    mailto:[log in to unmask]
     CHI-WEB: www.sigchi.org/web POSTINGS: mailto:[log in to unmask]
              MODERATORS: mailto:[log in to unmask]
       SUBSCRIPTION CHANGES & FAQ:  www.sigchi.org/web/faq.html
    --------------------------------------------------------------