Regarding indicators, I agree that it should be more apparent. Perhaps a dedicated bar that occupies an entire edge-to-edge horizontal area.
I would propose that it might have two distinct messages, as well: 1. A message that an explicitly known MiTM certificate exists in the certificate chain being relied upon. This would allow for explicit warning about known MiTM infrastructures and would allow tailoring any "more info" resource to explicitly call out that it is known that interception is being performed. 2. A message that indicates that a non-standard certificate chain is being presented, which might mean corporate interception, private websites within an organization, etc, etc. On Thu, Jul 18, 2019 at 2:11 PM Andrew via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > I agree a persistent indicator is a good idea. From what I understand > Firefox does already have an indicator hidden in the site information box > that appears when you click the lock icon in the address bar ( > https://bugzilla.mozilla.org/show_bug.cgi?id=1549605 ). This should be > more visible in my opinion. Maybe add an asterisk next to the lock icon or > something. > > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
