Firefox 4.0 will be the first major browser shipped without a ‘lock’ icon for SSL connections. Instead, we have identity indicators like the EV indicator and the domain indicator.
Lots of websites tell users to “look for the lock” to check they are secure. These websites will want to update their text to say something else. It would be awesome if we had already developed some (cross-browser) text and graphics they could use, one text for EV and one for non-EV sites. We could work to make it as simple as possible. We could even create a website which detected the user’s browser and explained what to look for, and also provided instructions for sites who wanted to take our explanation and ship it on their site.
If we don’t do this, we will get site authors writing messages like “look for a green bar” instead of the much more useful “look for site identity”. And another opportunity to improve the security of the web will be lost.
Anyone up for doing this?