"When a website requires a certificate" in Advanced-Encryption options is incomprehensible

RESOLVED FIXED in Firefox 3 beta3

Status

()

RESOLVED FIXED
11 years ago
11 years ago

People

(Reporter: steffen.wilberg, Assigned: Ehsan)

Tracking

Trunk
Firefox 3 beta3
Points:
---
Bug Flags:
blocking-firefox3 -
wanted-firefox3 +

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 1 obsolete attachment)

3.60 KB, patch
Ehsan
: review+
beltzner
: ui-review+
beltzner
: approval1.9+
Details | Diff | Splinter Review
(Reporter)

Description

11 years ago
In Options->Advanced->Encryption->Certificates, the pref "When a website requires a certificate" is incomprehensible. I didn't understand it until I learned from bug 395399 that it's about *personal* certificates: It's *you* who's identifying himself to the web site, instead of the usual username/password method. The certificate is about *your* identity, not that of the web site.

I'm updating the help text in bug 384997, but this needs to be fixed in the UI as well.
Explanation from the suggested help text:
  Some web sites require you to identify yourself with a personal
  certificate. In order to do so, they generate one for you and ask
  Firefox to store it. When you visit the site in the future,
  Firefox selects the certificate without asking you by default. If
  you wish to manually choose a certificate (for example, if you have
  multiple certificates stored for multiple web sites), select the Ask
  me every time pref and you'll be in complete control of
  what certificates are being sent to web sites while browsing.

The SeaMonkey text is more verbose: "Decide how SeaMonkey selects a security certificate to present to web sites that require one". It's speaking of presenting a certificate, but still missing that it's a personal certificate, identifying yourself to the web site.

I'd suggest to add the word "personal" to the label like this:
-When a web site requires a certificate:
+When a web site requires a personal certificate:
Flags: blocking-firefox3?
(Reporter)

Updated

11 years ago
Summary: "When a website requires a certificate" in Advanced-Encryption options is incomprehinsible → "When a website requires a certificate" in Advanced-Encryption options is incomprehensible
I don't think this blocks, but it's definitely wanted and seems like a label-only fix.
Flags: blocking-firefox3? → blocking-firefox3-
Whiteboard: [wanted-firefox3]
(In reply to comment #0)
> -When a web site requires a certificate:
> +When a web site requires a personal certificate:

This is for the label that prefixes the "ask always" or "select automatically" choice.

What about using "your" in the label?

  "When a web site requires your personal certificate"
(In reply to comment #2)
> What about using "your" in the label?
> 
>   "When a web site requires your personal certificate"

That seems much clearer to me.  I don't know if it meets the criteria for requiring a string ID rev or not?
Maybe we shouldn't say "requires", but say "requests".

There are websites that have "client auth" set to optional.
That is, when you attempt to visit the site, the ssl handshake will request that you hand over a client cert.
If you don't have a cert, or if you refuse to use it, the web site has a choice to:
(a) refuse the connection
(b) show the web page anyway

When doing (b), the web page would probably show content only appropriate for anonymous users.

Furthermore, this is not restricted to "web sites". It applies to any "server" that you do SSL with.

So, my next proposal is:

  "When a server requests your personal certificate"
(In reply to comment #3)
> I don't know if it meets the criteria for
> requiring a string ID rev or not?

I think it's a good idea to do a string ID change.
(Assignee)

Updated

11 years ago
Assignee: nobody → ehsan.akhgari
Target Milestone: --- → Firefox 3 M11
(Assignee)

Updated

11 years ago
Status: NEW → ASSIGNED
(Assignee)

Comment 6

11 years ago
Created attachment 295287 [details] [diff] [review]
Patch (v1)

This patch changes the string's ID as well, as suggested in comment 5.  I've CC'ed firefoxl10n@hotmail.com, and I guess the change in the string ID would alert the localizers to sync soon.
Attachment #295287 - Flags: review?(gavin.sharp)
Flags: wanted-firefox3+
Whiteboard: [wanted-firefox3]
(Assignee)

Comment 7

11 years ago
Comment on attachment 295287 [details] [diff] [review]
Patch (v1)

This needs some acceleration because the l10n freeze is near.
Attachment #295287 - Flags: ui-review?(beltzner)
Attachment #295287 - Flags: review?(mano)
Attachment #295287 - Flags: review?(gavin.sharp)
(Assignee)

Comment 8

11 years ago
Waiting for Beltzner's ui-r.
Whiteboard: [has patch] [needs ui-review beltzner]
(Assignee)

Updated

11 years ago
Whiteboard: [has patch] [needs ui-review beltzner] → [has patch] [has review+] [needs ui-review beltzner]
Comment on attachment 295287 [details] [diff] [review]
Patch (v1)

>-<!ENTITY certselect.description          "When a web site requires a certificate:">
>+<!ENTITY certSelection.description       "When a server requests your personal certificate:">
> <!ENTITY certs.auto                      "Select one automatically">
> <!ENTITY certs.auto.accesskey            "l">
> <!ENTITY certs.ask                       "Ask me every time">
> <!ENTITY certs.ask.accesskey             "i">

I do think that personalizing it is better, but this change creates the prompt:


When a server requests your personal certificate:

( ) Select one automatically     ( ) Ask me every time


It's a little bit odd to read it changing from 2nd person "your" to 1st person "me" in mid-sentence.  Most of our other preferences use first person when they involve the user making an expression of preference ("Remember what I've downloaded", "Ask me before clearing private data").  The comparatively rarer use of 2nd person seems is reserved for cases where we are describing what kind of dialog a widget will launch ("Choose your preferred language for displaying pages  [ Choose... ]").

I suggest changing the string to "When a server requests my personal certificate:"  You can have my ui-r for it with that change, but of course beltzner is welcome and invited to overrule.  :)
(Assignee)

Comment 10

11 years ago
Created attachment 298960 [details] [diff] [review]
Patch (v1.1)

Addressed comment 9, waiting for beltzner's ui-r :-)
Attachment #295287 - Attachment is obsolete: true
Attachment #298960 - Flags: ui-review?(beltzner)
Attachment #298960 - Flags: review+
Attachment #295287 - Flags: ui-review?(beltzner)
Comment on attachment 298960 [details] [diff] [review]
Patch (v1.1)

uir+a=beltzner
Attachment #298960 - Flags: ui-review?(beltzner)
Attachment #298960 - Flags: ui-review+
Attachment #298960 - Flags: approval1.9+
(Assignee)

Updated

11 years ago
Keywords: checkin-needed
Whiteboard: [has patch] [has review+] [needs ui-review beltzner]
Checking in browser/components/preferences/advanced.xul;
/cvsroot/mozilla/browser/components/preferences/advanced.xul,v  <--  advanced.xul
new revision: 1.46; previous revision: 1.45
done
Checking in browser/locales/en-US/chrome/browser/preferences/advanced.dtd;
/cvsroot/mozilla/browser/locales/en-US/chrome/browser/preferences/advanced.dtd,v  <--  advanced.dtd
new revision: 1.30; previous revision: 1.29
done
Status: ASSIGNED → RESOLVED
Last Resolved: 11 years ago
Keywords: checkin-needed, uiwanted
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.