User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1b1) Gecko/20060710 Firefox/2.0b1
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1b1) Gecko/20060710 Firefox/2.0b1
Internet Explorer 7 has a feature that identifies "extended validation" (also known as "high assurance") certificates, which have been more thoroughly vetted by certificate authorities than regular certificates. The exact way to integrate this information with Firefox's browser chrome may still be under debate, but it would be nice to recognize when an extended validation certificate is encountered and provide the user with some way to know that an extended validation site has occurred. On the "Security" tab of "Page Info" would be a good place to start.
Steps to Reproduce:
1. Install Microsoft Testing Root Certificate Authority certificate
3. Visit https://www.woodgrovebank.com/
Address bar turns yellow with lock icon. Nothing particularly unusual is shown if you click on the lock icon.
Address bar turns green (maybe) and organization name (and possibly CA identity) from certificate is displayed. Or, if that's too radical of a change, at least show some information about the fact that extended validation is present when you click the lock icon.
You can also get the Microsoft Testing Root Certificate Authority certificate here:
If you install it using that tool, you'll need to export it to Firefox using the certificates snap-in in the Microsoft Management Console (C:\WINDOWS\system32\mmc.exe).
More information about extended validation certificates:
I think we've got this one somewhere already. We probably aren't going to turn the address bar green, but the actual UI plan has yet to be finalized.
I don't think this bug is a duplicate.
The exact UI will depend on a lot of things - not least of which is whether we just expose this as-is, or we incorporate the information into some greater "site trust" metric which uses other data sources to help make the decision. I know some people favour that idea.
Reported here : <http://www.theregister.co.uk/2006/10/25/verisign_extended_validation/>. Mostly FUD obviously.
Is there a NSS bug for extended validation SSL ?
More information on EV SSL at http://www.cabforum.org/.
EV capabilities (i.e., the "green bar" and "enhanced security report") are expected to be turned on in IE7 by February 2007, and Opera has expressed its intention to add EV "when it's ready" (see http://labs.opera.com/news/2006/10/09/).
EV-approved CAs (ie CAs who have passed the WebTrust for CA's EV readiness audit for complaince with the EV Guidelines) have begun pre-selling the EV certs.
Created attachment 259216 [details]
light green vs. light yellow / entire urlbar vs. security bar only (plus IE7 & Opera solutions)
For people with red-green color blindness (~20% of caucasian males),
there is effectively NO DIFFERENCE between the green and yellow colors
shown in the attached sample image, except when spatially juxtaposed.
A difference can be seen when the two colors are juxtaposed, but the
two are indistinguishable when seen separately from the other. To be
differentiable when not juxtaposed, two colors must differ significantly
from each other in luminance, or be rather highly saturated and differ
significantly in hue (e.g. at least 30 degrees).
Let me suggest #F6F87C and #6EDC6E for more obviously different
yellow and green values.
Created attachment 259258 [details]
Created attachment 259260 [details]
#F6F87C / #6EDC6E
Implemented the IE functionality via an add-on: https://addons.mozilla.org/en-US/firefox/addon/4828
It would be easy enough to change the colour in the add-on CSS.
On what platforms does this extension work? Vista? WinXP? Mac OS/X? Linux?
(In reply to comment #10)
> On what platforms does this extension work? Vista? WinXP? Mac OS/X? Linux?
This feature is now a FF3 PRD line item (SPI-001b) being tracked in bug 383183. Some of these mockups are pretty sharp, I'd be interested to get impressions of the current test extension over in bug 383183.
*** This bug has been marked as a duplicate of bug 383183 ***