Opened 4 years ago

Closed 4 years ago

Last modified 4 years ago

#3284 closed change (fixed)

Add visible Indication of a secure connection for EV certificates

Reported by: mario Assignee:
Priority: P3 Milestone: Adblock-Browser-for-iOS-1.3.0
Module: Adblock-Browser-for-iOS Keywords: salsita
Cc: greiner Blocked By: #3203
Blocking: Platform: Adblock Browser for iOS
Ready: yes Confidential: no
Tester: Scheer Verified working: yes
Review URL(s):

Description (last modified by mario)

Background

#3203 introduces a visible indication of certificates by differentiating between malicious certificates, self-signed certificates and properly signed certificates. In #3203 EV certificates are displayed the same as signed certificates. EV certificates, however, should be marked differently to indicate this very type of certificates. Users are used to it due to the fact that the most popular browsers behave that way. Furthermore being able to identify EV certificates improves the user's security, as these certificates are validated extensively.

What to change

As soon as a properly signed EV certificate is used by a website, display the URL bar as such:

Remark for testers

You can visit the following websites in order to test EV certificates. All of them use EV certificates by default:

You can compare them to ordinary certificates by visiting the following websites, which don't use EV certificates:

Attachments (2)

certificate style guide.png (133.3 KB) - added by mario 4 years ago.
certificateEV v2.png (19.3 KB) - added by mario 4 years ago.

Download all attachments as: .zip

Change History (10)

Changed 4 years ago by mario

Changed 4 years ago by mario

comment:1 Changed 4 years ago by mario

  • Description modified (diff)

comment:2 Changed 4 years ago by mario

Dev notes by Pavel as outlined in the original issue:

EV: initial dev info gathering
https://developer.apple.com/library/ios/technotes/tn2232/_index.html
SecTrustCopyResult
http://opensource.apple.com/source/Security/Security-55471/sec/Security/SecTrust.h
https://support.apple.com/en-us/HT205205
mind the EV policy column
Supplemental pseudo algorithm
https://unmitigatedrisk.com/?p=203

comment:3 Changed 4 years ago by greiner

  • Cc greiner added

comment:4 Changed 4 years ago by mario

  • Description modified (diff)
  • Priority changed from Unknown to P3
  • Ready set

comment:5 Changed 4 years ago by mario

  • Description modified (diff)

comment:6 Changed 4 years ago by pavelz

  • Resolution set to fixed
  • Status changed from new to closed

comment:7 Changed 4 years ago by mario

  • Milestone set to Adblock-Browser-for-iOS-next

Batch modify: added Adblock-Browser-for-iOS-next milestone.

comment:8 Changed 4 years ago by scheer

  • Tester changed from Unknown to Scheer
  • Verified working set
  • Upon visiting one of the suggested EV certificate websites, a green Padlock symbol, as shown above, is displayed in the address bar and the address text is changed from black to green (# 36aa46).

ABB 1.3.0-qa (824)
iPhone 6 Plus - iOS 9.2.1

Note: See TracTickets for help on using tickets.