Browsers and how I think they should show Trust and Encryption

A follow up from my previous post;

Firefox 12 Currently

...has something like this to show trust and encryption (the colors are off but hopefully you get the idea, the actual blue and green are much nicer on the eyes):

[V] The Vanguard Group Inc, (US)   https://personal.vanguard.com/us/CorporatePortal

[d]duckduckgo.com   https://duckduckgo.com/?q=cheese

[g]google.com   https://encrypted.google.com

[/.] slashdot.org

My proposal:

[V] The Vanguard Group Inc. (US)    personal.vanguard.com   /us/CorporatePortal

[d] duckduckgo.com   /?q=cheese

[g] encrypted.google.com

[/.] slashdot.org

I'm curious if you can figure out what everything means in my proposal without explanation.

Explanation

  • Green is for trust and only for trust.  Notice how the favicon is only colored at all when using Extended Validation.  AFAIK it should never be a domain name.
  • Blue is for encrypted and only for encrypted, and only used for the sub+domain name.  I'm hoping this will provide a non-color cue for those who are colorblind, to differentiate between the two.
  • I got rid of the greying out of text and moved to a bolding of the domain name. This helped due to my bad green/blue colors but might not be necessary in the real version.
  • Spacing between the domain name and the rest of the URL, to help keep them even more separate at a quick glance.
  • Oh, and the complete lack of https/http, I would want to see Opera's awesome feature implemented where they hide them unless you click on the URL bar.

My overall goal was to try to communicate both a level of trust and a level of encryption, while making it easy at a glance.  In addition, giving us the option in the future to really separate these two concepts.

Looking for suggestions, comments, and feedback before I try to propose it to Mozilla.  Check out my previous blog post for what they are actually planning to do for Firefox 14.
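To make the rules in the explanation above concrete, here is an added example (my illustration, not code from the post or from Firefox) that turns a URL plus the certificate situation into the cues the proposal describes: the favicon is green only under Extended Validation, the host is blue only when the connection is encrypted, the host is always bold as a non-color cue, the scheme is never shown, and the path sits after a gap. The `[V]`-style icons and the `ev_org` parameter are stand-ins for the browser's favicon and certificate data.

```python
"""Address-bar cues from the proposal: green = EV trust only,
blue = encrypted only, bold hostname, scheme hidden, path set apart."""
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlsplit


@dataclass(frozen=True)
class AddressBar:
    icon: str          # favicon stand-in such as "[V]" (constructed placeholder)
    icon_color: str    # "green" only under Extended Validation, else "plain"
    label: str         # EV organisation name; empty when there is no EV cert
    host: str          # sub+domain, always bold so it stands apart from the path
    host_color: str    # "blue" only when the connection is encrypted, else "plain"
    path: str          # path and query, shown after a gap; empty when absent

    def as_text(self) -> str:
        # Three spaces stand in for the visual gap; the scheme is never printed.
        pieces = [self.icon, self.label, self.host, self.path]
        return "   ".join(p for p in pieces if p)


def render(url: str, icon: str, ev_org: Optional[str] = None) -> AddressBar:
    """Build the display state for one page load.

    ev_org is the organisation name from an EV certificate (assumed to be
    supplied by the browser's certificate code), or None without EV.
    """
    parts = urlsplit(url)
    encrypted = parts.scheme == "https"
    if ev_org and not encrypted:
        # EV identity only makes sense on a TLS connection; never colour a
        # plain-HTTP page green.
        raise ValueError("EV identity claimed on an unencrypted connection")
    path = parts.path + ("?" + parts.query if parts.query else "")
    return AddressBar(
        icon=icon,
        icon_color="green" if ev_org else "plain",   # green is for trust only
        label=ev_org or "",
        host=parts.hostname or "",
        host_color="blue" if encrypted else "plain", # blue is for encryption only
        path=path,
    )
```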

Comments

  • The focusing on the certificate name is nice for the certification authorities but doesn’t increase security that much as long as it’s not clear what proof of identity the certification authority requires.

    I guess most users will not spot the difference between “The Vanguand Group Inc. (US)” and “The Vanguard Group Inc. (US)”. Marking a connection to “personal.vanguand.com” as “trusted” helps someone who got this domain and certificate to pretend to be Vanguard.

    In my opinion for most use cases the important information is “that’s the same site I used before”. Therefore it would be nice if the user could assign some visual clue (e.g. an icon) to a certificate and have the browser display that clue every time this certificate is used.

    So if the user assigns some cute kitten icon with his bank’s web site he’ll easily know “No cute kitten –> NOT MY BANK!”.

    This would even work for web sites with a certificate that’s not from a certification authority known by the browser.

    1. Bryan says:

      For them to get Vanguand Group they would actually need to be incorporated as the Vanguand group in the US. I’m pretty sure, Vanguard would sue them before they can get that. – That’s the big benefit of EV.

      I totally agree that we should incorporate the user’s sense of trust into it somehow. User selected site icons is an interesting idea… I was also thinking of some sort of First Visit notice…

  • foo says:

    The meaning of colours is highly culturally determined, red doesn’t always mean bad, green doesn’t always mean good. I strongly suggest not doing that.

  • Oxwivi says:

    I second! Furthermore, with the favicons being featured on tabs as well, it’d be more useful to boot the favicon from the address bar and replace it with an icon with the sole purpose of indicating if the connection is encrypted or not (would complement your idea as it does not show https://), a la Opera.

    By the way, I’m curious as to how we can propose features, changes and such to Mozilla. Is it the same as other projects (mailing list, IRC, etc)?

    1. Oxwivi says:

      Oh, and the icon should have three states: one of them being mixed content (obtained through both secure and insecure connections); the last two are the trust and encryption as you describe.

  • It’s interesting that you decided to keep the favicon in the address bar. In your previous post you mentioned that there isn’t a great deal of difference between having favicons in the address bar or on the tab, and that users can and will look in the wrong place (which I agree with).

    Have you seen the mockups that Alex Faaborg did a while ago for reducing redundancy in the address bar? It is very similar to your design here. Basically, the goal was to move to the site-identity block to be the effective hostname. Here is a link to the mockup in case you are interested: https://bug588270.bugzilla.mozilla.org/attachment.cgi?id=466899

    Implementing the design that you have proposed brings with it some technical challenges. Bolded fonts are rendered differently on all the major OSes, and we would need to figure out how to transition from the colored and spaced out URL to a plaintext URL when the user gives focus to the address bar. None of these issues make this a bad idea, but they would need to be figured out before something like this could be shipped.

    Thanks for writing up the proposal, I think it is very well thought out 🙂

    1. Bryan says:

      On the favicon vs lock icon, I went with favicon, because I don’t want to reinforce that a lock means they are safe.

      I really like those mockups, and I think from seeing them I understand more of why switch to a lock/web at all. If it’s part of a transition to using that space for the different activation that makes some sense.

      I didn’t realize bold could have so many problems…

  • JanC says:

    The problem is that if you want to show trust, you need a way to audit what CA to trust. The CAs I have seen to be trustworthy only cover a very small share of the market (try removing Symantec/Verisign from your browser as “trusted” CA–because they are not trustworthy–if you want to see the effect of making SSL/TLS really secure to common users).