Closed Bug 426673 Opened 16 years ago Closed 16 years ago

Build an intro page for the FF3 Identity UI

Categories

(www.mozilla.org :: General, defect)

Product:
www.mozilla.org
Component:
General
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED FIXED

People

(Reporter: johnath, Assigned: sgarrity)

References

Details

Slater, beltzner, faaborg, mconnor and I have been talking over the last few weeks about having a page similar to:

http://www.mozilla.com/firefox/phishing-protection/

that talks about our Identity UI.  This would potentially be linked-to from the identity popup (when I file that browser bug, I will reference this one.)

The proposed url is:

http://www.mozilla.com/firefox/security/identity/

or, actually, with localization magic:

http://%locale%.www.mozilla.com/%locale%/firefox/security/identity/ 

Slater has the proposed copy text - I'll attach it here tomorrow, when I'm on the right computer.  :)
Copy text by me, edited by beltzner:

Firefox 3 contains a new site identity button to help you know who you're connecting to when online.  This feature allows you to see at a glance whether the web site you're visiting has supplied information about their identity, who has verified that information, and whether they protect your information from eavesdroppers.  You can access the site identity for any website by clicking the site's icon, on the left edge of the location bar.

Frequently Asked Questions

1.  What do the different levels of identity information mean?

The "passport officer" icon will change, to reflect the level of identity information supplied by the web site.

[ Insert Gray/Blue/Green/Red Larry images, and associated text ]


2.  Why don't all web sites supply verified identity information?

Most web sites on the internet do not request any personal or financial information from visitors, and may not feel it necessary to undertake the cost of providing verified identity information and eavesdropping protection.

Web sites that do want you to supply personal or financial information, or that claim to represent government or business entities, should always identify themselves properly, and protect your information from eavesdroppers.

3.  Is it safe to do business with sites that don't identify themselves?

Deciding whom to trust online starts with knowing who you're talking to, but that's not the whole story.  Sites that don't provide identity information and don't protect your personal information put you at risk, and should not be considered safe.  But even sites that identify themselves properly might still have practices you disagree with, or lax web site security.

Just like in the real world, you should use caution when interacting with sites you don't know and trust.  Knowing that the site has identified itself properly is part of making those trust decisions.

4.  Does Mozilla verify this information for every web site?

The information used to identify web sites is not verified by Mozilla.  Instead Firefox, like other browsers, relies on a set of trusted companies called "Certificate Authorities" who verify a web site's identity and issue identity "certificates."  These companies must adhere to the Mozilla CA Certificate Policy [ link ca policy to: http://www.mozilla.org/projects/security/certs/policy/ ] which, among other things, requires CAs to provide 3rd party audits confirming that they do not issue certificates inappropriately.
Blocks: 426835
This is a late and unplanned l10n web change, so this will be proposed as a "nice to have translated" to the web localizers who will work on it on a best-effort basis, based on the time they can invest on it, but it shouldn't be blocking the release of a locale if the page isn't translated given the late notice.
The page is now live on the staging server, viewable here:
https://www-firefox3.authstage.mozilla.com/en-US/firefox/security/identity/
(username: ff3, password: r3sk1n)

I also filed bug 428441 to get it QA'd. The Larry icons will need to be reviewed to make sure they're current before the final FF3 launch. 

Questions and comments are welcome...
Depends on: 428441
Something about that URL is funky. Log in to https://www-firefox3.authstage.mozilla.com/, if you have problems, and then proceed. I couldn't get to log in to the identity page directly.
Ad-hoc comments:

"One-Click Site ID" sounds like an Amazon patent on the one hand, and on the other hand is likely not-translatable. Just "ID" will break things. Like the shortest you would have in German for ID is "Perso", which is ugh-ly German. And doesn't fit here, either. The right word is likely "Identität". Other languages might be lengthier.

I'd avoid "One-Click" like the plague, and abbreviations won't work in general.

I'm not sure what to think about the expanding boxes, which make me scroll down then anyways. I'd either go for one pane at a time, or the whole content at once.

The actual content sounds cool, I just hope that's not because it's 3 am and my brains have been off half a paragraph. You'll get more eyes, I'm sure.
(In reply to comment #5)
> "One-Click Site ID" sounds like an Amazon patent on the one hand, and on the
> other hand is likely not-translatable. 
Thanks Axel. That's the official name of the feature that we've been using everywhere...having said that, though, I'm sure that wiser minds than mind can figure out a l10n workaround.

> I'm not sure what to think about the expanding boxes, which make me scroll down
> then anyways. I'd either go for one pane at a time, or the whole content at
> once.
Unless there are major UI concerns here from Mike or Johnathan, I'd prefer to keep the expanding boxes as is...that treatment is consistent with the way similar content is handled on the rest of the site.
What's the status on this page? This is a new in-product page and I need to give it to localizers as soon as possible.
The QA bug for this page - bug 428441 - has been resolved as fixed, so unless there are any objections I'd say this one is safe for l10n.
Is this closeable now?  The page has been live for several months.
Johnathan: just resolve it fixed and I'll verify.
(In reply to comment #10)
> Johnathan: just resolve it fixed and I'll verify.

As you wish, my liege.  I don't know who pushed the original page, and hence I don't know who to officially assign this to.  Rather than leave it assigned to nobody, I'll be the guy people can yell at.  If someone knows who actually pushed this, feel free to update the assignee.
Assignee: nobody → johnath
Status: NEW → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
This was all Steven Garrity, iirc; verified FIXED.
Assignee: johnath → steven
Status: RESOLVED → VERIFIED
Component: www.mozilla.org/firefox → www.mozilla.org
Component: www.mozilla.org → General
Product: Websites → www.mozilla.org
You need to log in before you can comment on or make changes to this bug.