Implement A broken lock icon to indicate Reported attacked websites or websites with Invalid identity certificate

RESOLVED INACTIVE

Status

()

defect
RESOLVED INACTIVE
7 years ago
a year ago

People

(Reporter: Ryuji, Unassigned)

Tracking

Trunk
All
Windows 7
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(Not tracked)

Details

Reporter

Description

7 years ago
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20120424 Firefox/14.0a1
Build ID: 20120424030709




Expected results:

A broken lock icon telling users that the sites is not safe due to broken encryption should be implement keeping in line with the new lock designs.
Reporter

Updated

7 years ago
Blocks: 742419
Component: Untriaged → Location Bar
Version: 14 Branch → Trunk
Status: UNCONFIRMED → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 747090
Reporter

Comment 2

7 years ago
Sorry my bad, I was trying to mean sites with Invalid identity certificate or reported attack sites.

It can be done similarly to what was done in Firefox 3. When users encounter websites with Invalid identity certificate, they will see a yellow broken lock in the location bar. When the users encounter a Reported Attack Site, they will see a red broken lock in the location bar.
Status: RESOLVED → UNCONFIRMED
Resolution: DUPLICATE → ---
Summary: Implement the broken lock icon to indicate sites broken encryption → Make the lock icon broken to indicate Reported attacked websites or websites with Invalid identity certificate

Comment 3

7 years ago
Confirming, something other than the gray world should be shown when these URLs load IMHO:

http://www.mozilla.org/firefox/its-an-attack.html
http://www.mozilla.org/firefox/its-a-trap.html
Status: UNCONFIRMED → NEW
Ever confirmed: true
Hardware: x86_64 → All

Comment 4

7 years ago
Thinking a bit more on this I don't think the padlock should appear at all in those cases.

I like the idea of using just the globe icon suggested on https://groups.google.com/d/topic/mozilla.dev.apps.firefox/ODX1PJutsLM/discussion (the reporter might be interested in joining the discussion there).

I would like two more colors to be added for scams[1] and untrusted connection[2].

red world = phishing/malware
yellow world = untrusted connection
gray world = HTTP
blue world = HTTPS
green world = HTTPS+EV

The UI would be less "jumpy" IMHO and there's one less icon to maintain.

For bonus points, make the color shades match the ones on the "Larry"[3] icon  that would show when the world is clicked and the door hanger appears.

This way the "browse safely by colors" lesson I gave to mom and my in-laws two or three spring breaks ago wouldn't go to waste entirely ;-)

Alex

[1] http://www.mozilla.org/en-US/firefox/phishing-protection/
[2] https://support.mozilla.org/en-US/kb/This%20connection%20is%20untrusted
[3] https://support.mozilla.org/en-US/kb/Site%20Identity%20Button
Reporter

Comment 5

7 years ago
I don't think that is what is going to be implemented because right now what is implemented is. 

Untrusted connection = ?? (I think you will see the world icon)
Phishing malware = ?? (I think you will see the world icon)
I put ?? because I have not seen a those sites with Firefox 14(nightly) before. 

HTTP --> grey world
Mixed(HTTP+HTTPS)---> grey world
HTTPS + CV ---> Grey lock
HTTPS + EV ---> Green Lock
Summary: Make the lock icon broken to indicate Reported attacked websites or websites with Invalid identity certificate → Implement A broken lock icon to indicate Reported attacked websites or websites with Invalid identity certificate
No longer blocks: 742419
Depends on: 864144
Status: NEW → RESOLVED
Last Resolved: 7 years agoa year ago
Resolution: --- → INACTIVE
You need to log in before you can comment on or make changes to this bug.