Closed Bug 483178 Opened 16 years ago Closed 16 years ago

Browser Identity SSL Display

Categories

(Firefox :: Security, enhancement)

Product:
Firefox
Component:
Security
Platform:
x86
Windows XP
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 481571

People

(Reporter: admin, Unassigned)

References

(
URL
)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.1b3) Gecko/20090305 Firefox/3.1b3 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.1b3) Gecko/20090305 Firefox/3.1b3 I must congratulate you because you finally decided to make the non-ev SSL connection more visible by adding the default "1" value to the browser.identity.ssl_domain_display. So far, is ok, BUT... You need to enable this to the Level 2, because only the Domain is not suited for positive Identification. For example I have a domain, and I delegated some subdomains to others, it would be OK to include the subdomain as well on the Blue Backgroud, at least if you did it so far (1) then a little subdomain is not a problem for you. It is very good to have a little more information + a stricter identification criteria. The client can see in Blue that he is connected to "services.domain.com" or to "games.domain.com" ... etc... it's not just "domain.com", it's to vague. Please make it so to =2. Also if possible, restore the color address bar, blue for non-ev and green for ev... it's more visible, like in IE7, but the bastards from IE7 don't offer a more visible clue on non-EV connections...hope you are not stepping on their tracks... I choosen firefox because it cares more about the users. The colored address bar is not something I hold my teeth to... but at least please set the default to =2 for the identity display. Reproducible: Always Steps to Reproduce: 1. Access a Secure Connection 2. Watch the Address Bar Actual Results: In the new Beta, it displays only the domain name. Expected Results: For a good positive identification, it should display the subdomain as well... for example I have a domain and I delegated 50 subdomains to other parties... each one with a SSL connection... it's not suited to say "domain.sufix" for the entire 50 addresses.
Component: Build Config → Security
QA Contact: build.config → firefox
Blocks: 480357
While not *strictly* a duplicate of bug 471802, I think this reporter is concerned with the same issues as are being discussed in that bug, and we should put that work in one place. Marking this one as a dup.
Status: UNCONFIRMED → RESOLVED
Closed: 16 years ago
Resolution: --- → DUPLICATE
Actually, a straight duplicate of bug 481571.
You need to log in before you can comment on or make changes to this bug.