Closed
Bug 1089808
Opened 11 years ago
Closed 11 years ago
[UX] Revise the error page shown for SSLv3
Categories
(Firefox :: Security, defect)
Tracking
()
RESOLVED
FIXED
Iteration:
36.2
People
(Reporter: madhava, Assigned: mmaslaney, NeedInfo)
References
Details
(Whiteboard: [ux])
Attachments
(1 file, 1 obsolete file)
|
1.29 KB,
image/svg+xml
|
Details |
FX_Incontent-alert-60x60.svg
This is the particular variant of the Secure Connection Failed page that will show when a user encounters an SSLv3 site:
http://cl.ly/image/0t1V2O3h0e3d
Given that it's very difficult to show a page in _only_ the cases where we're blocking SSLv3, we should revise this page with appropriate details and tone for the SSLv3 case. This page will show up only very rarely in non-SSLv3 cases.
Non-goals: pictures of a poodle.
|
||
Comment 1•11 years ago
|
||
"Secure connections are like poodles…"
|
|
||
Comment 2•11 years ago
|
||
So to clarify: do this page and the copy need to work equally for all these cases?
- SSLv3 blocked (actual poodle attack)
- SSLv3 blocked (false positive)
- Other connection error (what are the error cases here?)
|
||
Updated•11 years ago
|
Flags: qe-verify-
Flags: firefox-backlog+
Whiteboard: [ux]
|
|
||
Updated•11 years ago
|
Assignee: nobody → mmaslaney
Status: NEW → ASSIGNED
Iteration: --- → 36.2
Points: --- → 3
|
||
Comment 3•11 years ago
|
||
(In reply to Philipp Sackl [:phlsa] from comment #2)
> So to clarify: do this page and the copy need to work equally for all these
> cases?
> - SSLv3 blocked (actual poodle attack)
> - SSLv3 blocked (false positive)
Not sure what you mean by "false positive". We can't distinguish "you are being actively attacked" vs. "you are vulnerable to being attacked but aren't currently being attacked", if that's what you mean.
> - Other connection error (what are the error cases here?)
This is "you are trying to connect to a misconfigured server that is unlikely to work in any other browsers". Rare case.
|
|
||
Comment 4•11 years ago
|
||
Richard: we are assuming here that the majority of the UX impact caused by disabling SSLv3 in 34 will result in SSL_ERROR_NO_CYPHER_OVERLAP neterror pages, and are working on improved designs for that page within the implementation constraints that we have (limited ability to alter localized strings, inability to distinguish the cases in comment 3). If that assumption is incorrect, or if there are important caveats, please let us know.
|
||
Comment 5•11 years ago
|
||
(In reply to :Gavin Sharp [email: gavin@gavinsharp.com] from comment #4)
> Richard: we are assuming here that the majority of the UX impact caused by
> disabling SSLv3 in 34 will result in SSL_ERROR_NO_CYPHER_OVERLAP neterror
> pages
That is correct. There are two important cases here, which both result in SSL_ERROR_NO_CYPHER_OVERLAP:
1. If you try to connect to a server that *only* support SSLv3, then the negotiation will fail with SSL_ERROR_NO_CYPHER_OVERLAP.
2. If you try to connect to a server that supports TLS, and an attacker tries to downgrade you to SSLv3, then the browser will briefly ponder retrying with SSLv3. But then it will see that SSLv3 is turned off, and fail with SSL_ERROR_NO_CYPHER_OVERLAP.
In principle it would be possible to separate these cases, e.g., by setting a flag when falling back to an earlier protocol. But this information isn't currently exposed in any of the structures that provide security information to higher layers in the stack. So unless you think this distinction is very important, it doesn't really seem worth the effort of plumbing it through.
|
Reporter | |
Comment 6•11 years ago
|
||
Because they're relevant, our security and privacy design guidelines: https://people.mozilla.org/~lco/ProjectSPF/
|
|
Reporter | |
Comment 7•11 years ago
|
||
|
|
Reporter | |
Comment 8•11 years ago
|
||
|
|
Assignee | |
Comment 9•11 years ago
|
||
Attached, the "Alert" icon.
|
|
||
Comment 10•11 years ago
|
||
Here are two options for this. I felt like the first one was a bit repetitive, so I tried to shorten and tighten things up in the second one.
Secure Connection Not Possible
Firefox cannot connect securely to $sitename. The site may use SSLv3, a broken security protocol, so Firefox is not able to guarantee the safety of your data.
Advanced info: ssl_no_cypher_overlap
Learn more »
Unable to Make a Secure Connection
Firefox cannot guarantee the the safety of your data on $sitename because it uses SSLv3, a broken security protocol.
Advanced info: ssl_no_cypher_overlap
Learn more »
|
|
Assignee | |
Comment 11•11 years ago
|
||
Nice work Matej!
I prefer option number one, mainly for the "Fire is not able to guarantee the safety of your data" line, which for me, sums up the issue at hand.
Pinging Madhava for review
Flags: needinfo?(madhava)
|
|
||
Comment 12•11 years ago
|
||
(In reply to mmaslaney from comment #11)
> Nice work Matej!
>
> I prefer option number one, mainly for the "Fire is not able to guarantee
> the safety of your data" line, which for me, sums up the issue at hand.
That line is actually in both versions. I prefer the second because it's a bit more succinct, but I could live with either.
Madhava?
|
|
Assignee | |
Comment 13•11 years ago
|
||
Design with updated copy:
http://people.mozilla.org/~mmaslaney/incontent/incontent-ssl-error.png
|
|
||
Comment 14•11 years ago
|
||
Looks good.
If we wanted a shorter headline, we could go with "Unable to Connect Securely."
Let's also match the case in both buttons (I always forget what our standard is there).
Thanks.
|
|
Assignee | |
Comment 15•11 years ago
|
||
Thanks for the feedback, Matej.
Revised:
http://people.mozilla.org/~mmaslaney/incontent/incontent-ssl-error.png
|
|
Assignee | |
Updated•11 years ago
|
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
|
|
||
Comment 16•11 years ago
|
||
Hey, that looks good to me. Definitely a more friendly headline.
Did you ever hear from Madhava?
|
|
Assignee | |
Comment 17•11 years ago
|
||
Updated alert icon
Attachment #8518586 -
Attachment is obsolete: true
You need to log in
before you can comment on or make changes to this bug.
Description
•