Security/Reviews/IdentityBox
Jump to navigation
Jump to search
Full Query
Full Query
Please use "Edit with form" above to edit this page.
Item Reviewed
| New Idenity Box Design | |||||||||||||
| Target |
2 Total; 0 Open (0%); 1 Resolved (50%); 1 Verified (50%); |
||||||||||||
{{#set:SecReview name=New Idenity Box Design
|SecReview target=
| ID | Summary | Priority | Status |
|---|---|---|---|
| 612253 | Need a shortcut key to focus the input line in web console | P2 | VERIFIED |
| 742419 | Implement new identity block design (lighter weight with a generic icon) | -- | RESOLVED |
2 Total; 0 Open (0%); 1 Resolved (50%); 1 Verified (50%);
}}
Introduce the Feature
Goal of Feature, what is trying to be achieved (problem solved, use cases, etc)
- We will remove the favicon from the Firefox address bar and replace it with a generic icon in http and mixed content scenarios. Use a grey lock in https, and a green lock in https+ev. The verified domain will be hidden in https. The verified identity will be visible in https+ev.
What solutions/approaches were considered other than the proposed solution?
- current state
Why was this solution chosen?
- to make the state of pages clearer to users
Any security threats already considered in the design and why?
`
Threat Brainstorming
- "Your connection to this website has been encrypted to prevent eavesdropping."
- That statement makes me very uncomfortable, as encryption doesn't prevent eavesdropping: it attempts to protect a combination of confidentiality and integrity, depending on the algorithms chosen. I think this is an important distinction, not a pedantic argument, as it can lead users to assume a false level of security. I'm not sure what the right words to use are - a different question - but I believe that these are not it. If we change this, it's something we'll want to do a blog post explaining. - adamm
- Out of scope for this review, the Larry dialog is a separate effort.
{{#set: SecReview feature goal=* We will remove the favicon from the Firefox address bar and replace it with a generic icon in http and mixed content scenarios. Use a grey lock in https, and a green lock in https+ev. The verified domain will be hidden in https. The verified identity will be visible in https+ev. |SecReview alt solutions=* current state |SecReview solution chosen=* to make the state of pages clearer to users |SecReview threats considered=' |SecReview threat brainstorming=* "Your connection to this website has been encrypted to prevent eavesdropping."
- That statement makes me very uncomfortable, as encryption doesn't prevent eavesdropping: it attempts to protect a combination of confidentiality and integrity, depending on the algorithms chosen. I think this is an important distinction, not a pedantic argument, as it can lead users to assume a false level of security. I'm not sure what the right words to use are - a different question - but I believe that these are not it. If we change this, it's something we'll want to do a blog post explaining. - adamm
- Out of scope for this review, the Larry dialog is a separate effort.
}}
Action Items
| Action Item Status | Complete | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Release Target | ` | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Action Items | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
<td[DONE] done
6 Total; 0 Open (0%); 6 Resolved (100%); 0 Verified (0%); |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{{#set:|SecReview action item status=Complete
|Feature version=`
|SecReview action items=
<td[DONE] done| Who | bug | Action | By When | Completed date
[NEW] new [DONE] Done [MISSED] Miss |
| UX | bug 747093 | A blog post about how moving the display of favicon.ico from the area supplying trusted information from the browser, to the tab, protects users. | during Beta | [DONE] done |
| jaws | bug 747090 | Change the icon for mixed content | by Beta for FF 14 | [DONE] done |
| jaws | bug 747088 | Don't include https:// in the mixed content case | by FF15, or sooner if possible. | [DONE] done |
| jaws | bug 747087 | Make the https:// black (to match the domain color) in the https non-ev case | by FF15 | [DONE] done |
| jaws | bug 747085 | Make the https: green in the https ev case | by FF15 (not a security requirement) | [DONE] done |
| jaws | bug 747083 | Make the lock icon darker for the non-ev case | by FF15 |
| ID | Summary | Priority | Status |
|---|---|---|---|
| 747083 | Update the identity icons to have a darker lock icon for HTTPS and greener lock icon for HTTPS+EV. | -- | RESOLVED |
| 747085 | Make the https:// green in the https ev case | -- | RESOLVED |
| 747087 | Make the https:// black (to match the domain color) in the https non-ev case | -- | RESOLVED |
| 747088 | Don't include https:// in the location bar in the mixed content case | -- | RESOLVED |
| 747090 | Change the icon for mixed content | -- | RESOLVED |
| 747093 | Favicon blog post | -- | RESOLVED |
6 Total; 0 Open (0%); 6 Resolved (100%); 0 Verified (0%);
}}