Security/Reviews/IdentityBox: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 34: | Line 34: | ||
<tr> | <tr> | ||
<td>UX </td> | <td>UX </td> | ||
<td>747093 </td> | <td>{{bug|747093}}</td> | ||
<td>A blog post about how moving the display of favicon.ico from the area supplying trusted information from the browser, to the tab, protects users.</td> | <td>A blog post about how moving the display of favicon.ico from the area supplying trusted information from the browser, to the tab, protects users.</td> | ||
<td>during Beta</td> | <td>during Beta</td> | ||
| Line 41: | Line 41: | ||
<tr> | <tr> | ||
<td> jaws</td> | <td> jaws</td> | ||
<td>747090 </td> | <td>{{bug|747090}}</td> | ||
<td>Change the icon for mixed content </td> | <td>Change the icon for mixed content </td> | ||
<td>by Beta for FF 14 </td> | <td>by Beta for FF 14 </td> | ||
| Line 48: | Line 48: | ||
<tr> | <tr> | ||
<td>jaws </td> | <td>jaws </td> | ||
<td>747088 </td> | <td>{{bug|747088}}</td> | ||
<td>Don't include https:// in the mixed content case </td> | <td>Don't include https:// in the mixed content case </td> | ||
<td>by FF15, or sooner if possible. </td> | <td>by FF15, or sooner if possible. </td> | ||
| Line 55: | Line 55: | ||
<tr> | <tr> | ||
<td>jaws </td> | <td>jaws </td> | ||
<td>747087 </td> | <td>{{bug|747087}}</td> | ||
<td>Make the https:// black (to match the domain color) in the https non-ev case </td> | <td>Make the https:// black (to match the domain color) in the https non-ev case </td> | ||
<td>by FF15 </td> | <td>by FF15 </td> | ||
| Line 62: | Line 62: | ||
<tr> | <tr> | ||
<td>jaws </td> | <td>jaws </td> | ||
<td>747085 </td> | <td>{{bug|747085}}</td> | ||
<td>Make the https: green in the https ev case</td> | <td>Make the https: green in the https ev case</td> | ||
<td>by FF15 (not a security requirement) </td> | <td>by FF15 (not a security requirement) </td> | ||
| Line 69: | Line 69: | ||
<tr> | <tr> | ||
<td>jaws </td> | <td>jaws </td> | ||
<td> 747083</td> | <td>{{bug|747083}}</td> | ||
<td>Make the lock icon darker for the non-ev case </td> | <td>Make the lock icon darker for the non-ev case </td> | ||
<td>by FF15 </td> | <td>by FF15 </td> | ||
Revision as of 18:21, 19 April 2012
Please use "Edit with form" above to edit this page.
Item Reviewed
| New Idenity Box Design | |
| Target | |
{{#set:SecReview name=New Idenity Box Design
|SecReview target=
- https://bugzilla.mozilla.org/show_bug.cgi?id=742419
- https://bug742419.bugzilla.mozilla.org/attachment.cgi?id=612253
}}
Introduce the Feature
Goal of Feature, what is trying to be achieved (problem solved, use cases, etc)
- We will remove the favicon from the Firefox address bar and replace it with a generic icon in http and mixed content scenarios. Use a grey lock in https, and a green lock in https+ev. The verified domain will be hidden in https. The verified identity will be visible in https+ev.
What solutions/approaches were considered other than the proposed solution?
- current state
Why was this solution chosen?
- to make the state of pages clearer to users
Any security threats already considered in the design and why?
`
Threat Brainstorming
- "Your connection to this website has been encrypted to prevent eavesdropping."
- That statement makes me very uncomfortable, as encryption doesn't prevent eavesdropping: it attempts to protect a combination of confidentiality and integrity, depending on the algorithms chosen. I think this is an important distinction, not a pedantic argument, as it can lead users to assume a false level of security. I'm not sure what the right words to use are - a different question - but I believe that these are not it. If we change this, it's something we'll want to do a blog post explaining. - adamm
- Out of scope for this review, the Larry dialog is a separate effort.
{{#set: SecReview feature goal=* We will remove the favicon from the Firefox address bar and replace it with a generic icon in http and mixed content scenarios. Use a grey lock in https, and a green lock in https+ev. The verified domain will be hidden in https. The verified identity will be visible in https+ev. |SecReview alt solutions=* current state |SecReview solution chosen=* to make the state of pages clearer to users |SecReview threats considered=' |SecReview threat brainstorming=* "Your connection to this website has been encrypted to prevent eavesdropping."
- That statement makes me very uncomfortable, as encryption doesn't prevent eavesdropping: it attempts to protect a combination of confidentiality and integrity, depending on the algorithms chosen. I think this is an important distinction, not a pedantic argument, as it can lead users to assume a false level of security. I'm not sure what the right words to use are - a different question - but I believe that these are not it. If we change this, it's something we'll want to do a blog post explaining. - adamm
- Out of scope for this review, the Larry dialog is a separate effort.
}}
Action Items
| Action Item Status | In Progress | |||||||||||||||||||||||||||||||||||
| Release Target | ` | |||||||||||||||||||||||||||||||||||
| Action Items | ||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||
{{#set:|SecReview action item status=In Progress
|Feature version=`
|SecReview action items=
| Who | bug | Action | By When | Completed date
[NEW] new [DONE] Done [MISSED] Miss |
| UX | bug 747093 | A blog post about how moving the display of favicon.ico from the area supplying trusted information from the browser, to the tab, protects users. | during Beta | [NEW] new |
| jaws | bug 747090 | Change the icon for mixed content | by Beta for FF 14 | [NEW] new |
| jaws | bug 747088 | Don't include https:// in the mixed content case | by FF15, or sooner if possible. | [NEW] new |
| jaws | bug 747087 | Make the https:// black (to match the domain color) in the https non-ev case | by FF15 | [NEW] new |
| jaws | bug 747085 | Make the https: green in the https ev case | by FF15 (not a security requirement) | [NEW] new |
| jaws | bug 747083 | Make the lock icon darker for the non-ev case | by FF15 | [NEW] new |
}}