Web Browser Security User Interfaces: Hard to Get Right and Increasingly Inconsistent


This interesting and useful post on Web Browser Security User Interfaces: Hard to Get Right and Increasingly Inconsistent by Steve Schultze highlights the growing differences between how browsers interpret the varying security aspects of SSL certificates. I highly recommend reading the article to get a good understanding of how your website will look in all the different browsers depending on the type of SSL certificate you use.

Despite the CAB forum's existence as a way of unifying the SSL/browser experience, each browser seems to have its own interpretation of how these "standards" should be implemented.

Earlier I posted about how Firefox 4.0 no longer had the padlock symbol on secure websites. The padlock symbol has been a long-standing and instantly recognised way of highlighting secure websites. But, as suggested by Firefox, has this led to a false sense of security?

Green is the emerging colour for websites using Extended Validation SSL certificates. But there are also wildly different interpretations of how this should be implemented. IE8+ has implemented an entire green address bar while Firefox and Chrome have opted for just the company name in green. Safari 4's implementation is even less obvious, with just the letters in green.

What is your view on the different browser implementations? Was Firefox right to drop the padlock symbol?

Filed under  //  EV   SSL   browsers   cab   chrome   firefox   forum   ie   safari  
Posted by Andy Gambles 

Important RapidSSL Updates

To fall in line with new CAB forum guidelines, there are a few important updates to RapidSSL certificates (including wildcard).

Intermediate CA
The RapidSSL certificate will be issued using an intermediate CA from 9 December 2010. This intermediate certificate must be installed with your certificate to ensure the best browser compatibility.

The intermediate CA can be downloaded from here

Block CSR requests under 2048 bits
For certificates that extend beyond 2 years, you will not be able to use a CSR with a key of less than 2048 bits. This is to ensure that all certificates are at least 2048-bit by 2012.
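
A pre-flight check for this key-size floor, as an added example that is not part of the original post or RapidSSL's own tooling: it reads the public key size out of a CSR with the openssl command line and rejects anything under 2048 bits. The function names, file names and the www.example.test subject are assumptions made for illustration, and the sample CSRs are generated on the spot.

```shell
# Added example: check a CSR's public key size before submitting it to the CA.
# MIN_BITS mirrors the 2048-bit floor described above.
MIN_BITS=2048

# Print the public key size (in bits) recorded in a PEM-encoded CSR.
# Prints nothing if the file cannot be parsed as a CSR.
csr_key_bits() {
    openssl req -in "$1" -noout -text 2>/dev/null |
        sed -n 's/.*Public[- ]Key: (\([0-9][0-9]*\) bit.*/\1/p' | head -n 1
}

# Return 0 if the CSR meets the floor, 1 if the key is too small,
# 2 if the file is not a readable CSR.
check_csr() {
    local bits
    bits=$(csr_key_bits "$1")
    if [ -z "$bits" ]; then
        echo "REJECT $1: not a readable CSR" >&2
        return 2
    fi
    if [ "$bits" -lt "$MIN_BITS" ]; then
        echo "REJECT $1: $bits-bit key is below $MIN_BITS bits" >&2
        return 1
    fi
    echo "OK $1: $bits-bit key"
}

# Create a throwaway RSA key and CSR of the given size (constructed sample input).
# Usage: make_sample_csr BITS OUT_PREFIX
make_sample_csr() {
    openssl req -new -newkey "rsa:$1" -nodes -sha256 \
        -subj "/CN=www.example.test" \
        -keyout "$2.key" -out "$2.csr" 2>/dev/null
}

# Generate one undersized and one acceptable CSR and run the check on both.
demo() {
    local dir
    dir=$(mktemp -d)
    make_sample_csr 1024 "$dir/weak"
    make_sample_csr 2048 "$dir/good"
    check_csr "$dir/weak.csr" || true   # expected to be rejected
    check_csr "$dir/good.csr"
    rm -rf "$dir"
}

demo
```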

Free lifetime re-issues
The good news is, as reported earlier, RapidSSL certificates now include free lifetime re-issues.

Filed under  //  SSL   ca   cab   csr   intermediate   rapidssl  
Posted by Andy Gambles