- From: <michaelhorowitz@gmail.com>
- Date: Wed, 17 Dec 2014 17:15:04 -0800 (PST)
- To: security-dev@chromium.org
- Cc: public-webappsec@w3.org, blink-dev@chromium.org, dev-security@lists.mozilla.org
Received on Thursday, 18 December 2014 14:20:09 UTC
User Interface suggestions: I think coloring the address bar background is the way to go. Small icons are too easily missed, and even if every browser agreed to use the same icon, (unlikely) they would likely be placed differently. Also, error messages are likely to be ignored by non-techies who will not understand them. As for suggested colors, red, yellow and green have a universal meaning. With that in mind, I suggest starting with HTTP - yellow background HTTPS lite green background HTTPS with EV certificate darker green background Then, phase two might be: HTTP: red background HTTPS with mixed mode: yellow background HTTPS: still light green HTTPS with EV cert: still dark green To further emphasize the red and/or yellow, the entire browser window might be framed in that color, along the lines of what Sandboxie does. I would also add an explanation of the colors right in the address bar. The word "color" with a white "i" in a blue circle should be obvious as the explanation. Clicking it (or perhaps just hovering on mouse based OSs) should popup a description of what the colors mean.
Received on Thursday, 18 December 2014 14:20:09 UTC