Opened on 11/09/2015 at 08:42:19 AM
Closed on 01/27/2016 at 07:08:44 PM
Last modified on 02/23/2016 at 09:05:08 AM
#3284 closed change (fixed)
Add visible Indication of a secure connection for EV certificates
| Reported by: | mario | Assignee: | |
|---|---|---|---|
| Priority: | P3 | Milestone: | Adblock-Browser-for-iOS-1.3.0 | 
| Module: | Adblock-Browser-for-iOS | Keywords: | salsita | 
| Cc: | greiner | Blocked By: | #3203 | 
| Blocking: | Platform: | Adblock Browser for iOS | |
| Ready: | yes | Confidential: | no | 
| Tester: | Scheer | Verified working: | yes | 
| Review URL(s): | |||
Description (last modified by mario)
Background
#3203 introduces a visible indication of certificates by differentiating between malicious certificates, self-signed certificates and properly signed certificates. In #3203 EV certificates are displayed the same as signed certificates. EV certificates, however, should be marked differently to indicate this very type of certificates. Users are used to it due to the fact that the most popular browsers behave that way. Furthermore being able to identify EV certificates improves the user's security, as these certificates are validated extensively.
What to change
As soon as a properly signed EV certificate is used by a website, display the URL bar as such:
- Show a padlock in front of the URL and display the URL in green color as outlined in this screenshot.
- Color to be used for the URL: # 36aa46
- Styleguide
Remark for testers
You can visit the following websites in order to test EV certificates. All of them use EV certificates by default:
You can compare them to ordinary certificates by visiting the following websites, which don't use EV certificates:
Attachments (2)
Change History (10)
Changed on 11/09/2015 at 08:43:14 AM by mario
Changed on 11/09/2015 at 08:43:25 AM by mario
comment:2 Changed on 11/09/2015 at 08:45:00 AM by mario
comment:3 Changed on 11/09/2015 at 01:50:05 PM by greiner
- Cc greiner added
comment:4 Changed on 01/07/2016 at 01:13:54 PM by mario
- Description modified (diff)
- Priority changed from Unknown to P3
- Ready set
comment:6 Changed on 01/27/2016 at 07:08:44 PM by pavelz
- Resolution set to fixed
- Status changed from new to closed
comment:7 Changed on 02/09/2016 at 04:25:18 PM by mario
- Milestone set to Adblock-Browser-for-iOS-next
Batch modify: added Adblock-Browser-for-iOS-next milestone.
comment:8 Changed on 02/23/2016 at 09:05:08 AM by scheer
- Tester changed from Unknown to Scheer
- Verified working set
- Upon visiting one of the suggested EV certificate websites, a green Padlock symbol, as shown above, is displayed in the address bar and the address text is changed from black to green (# 36aa46).
ABB 1.3.0-qa (824)
iPhone 6 Plus - iOS 9.2.1


Dev notes by Pavel as outlined in the original issue:
EV: initial dev info gathering
https://developer.apple.com/library/ios/technotes/tn2232/_index.html
SecTrustCopyResult
http://opensource.apple.com/source/Security/Security-55471/sec/Security/SecTrust.h
https://support.apple.com/en-us/HT205205
mind the EV policy column
Supplemental pseudo algorithm
https://unmitigatedrisk.com/?p=203