#3284 closed change (fixed)
Add visible Indication of a secure connection for EV certificates
Reported by: | mario | Assignee: | |
---|---|---|---|
Priority: | P3 | Milestone: | Adblock-Browser-for-iOS-1.3.0 |
Module: | Adblock-Browser-for-iOS | Keywords: | salsita |
Cc: | greiner | Blocked By: | #3203 |
Blocking: | Platform: | Adblock Browser for iOS | |
Ready: | yes | Confidential: | no |
Tester: | Scheer | Verified working: | yes |
Review URL(s): |
Description (last modified by mario)
Background
#3203 introduces a visible indication of certificates by differentiating between malicious certificates, self-signed certificates and properly signed certificates. In #3203 EV certificates are displayed the same as signed certificates. EV certificates, however, should be marked differently to indicate this very type of certificates. Users are used to it due to the fact that the most popular browsers behave that way. Furthermore being able to identify EV certificates improves the user's security, as these certificates are validated extensively.
What to change
As soon as a properly signed EV certificate is used by a website, display the URL bar as such:
- Show a padlock in front of the URL and display the URL in green color as outlined in this screenshot.
- Color to be used for the URL: # 36aa46
- Styleguide
Remark for testers
You can visit the following websites in order to test EV certificates. All of them use EV certificates by default:
You can compare them to ordinary certificates by visiting the following websites, which don't use EV certificates:
Attachments (2)
Change History (10)
Changed 4 years ago by mario
Changed 4 years ago by mario
comment:1 Changed 4 years ago by mario
- Description modified (diff)
comment:2 Changed 4 years ago by mario
comment:3 Changed 4 years ago by greiner
- Cc greiner added
comment:4 Changed 4 years ago by mario
- Description modified (diff)
- Priority changed from Unknown to P3
- Ready set
comment:5 Changed 4 years ago by mario
- Description modified (diff)
comment:6 Changed 4 years ago by pavelz
- Resolution set to fixed
- Status changed from new to closed
comment:7 Changed 4 years ago by mario
- Milestone set to Adblock-Browser-for-iOS-next
Batch modify: added Adblock-Browser-for-iOS-next milestone.
comment:8 Changed 4 years ago by scheer
- Tester changed from Unknown to Scheer
- Verified working set
- Upon visiting one of the suggested EV certificate websites, a green Padlock symbol, as shown above, is displayed in the address bar and the address text is changed from black to green (# 36aa46).
ABB 1.3.0-qa (824)
iPhone 6 Plus - iOS 9.2.1
Dev notes by Pavel as outlined in the original issue:
EV: initial dev info gathering
https://developer.apple.com/library/ios/technotes/tn2232/_index.html
SecTrustCopyResult
http://opensource.apple.com/source/Security/Security-55471/sec/Security/SecTrust.h
https://support.apple.com/en-us/HT205205
mind the EV policy column
Supplemental pseudo algorithm
https://unmitigatedrisk.com/?p=203