Increasingly Inconsistent Browser Security User Interfaces

Bruce Morton

I recently posted about Mozilla’s plan to remove the padlock icon from the Firefox user interface. Here is a complementary post from Steve Schultze of Princeton’s Center for Information Technology Policy, Web Browser Security User Interfaces: Hard to Get Right and Increasingly Inconsistent. Schultze discusses how the mainstream desktop browsers are becoming less and less consistent. In addition, the wide spread use of mobile browsers adds another element of inconsistency.

Website operators, who have been trying to educate users on how to tell they have securely connected to their website, are in for a challenge. And this is probably a lost cause. With the ever-changing user interface, this responsibility now lies with the browser developers. The problem is the browser developers do not do a good job of communicating the message to the user.

End-users probably want to stick with their choice of browser and get to know it really well. Switching from browser to browser will likely result in even more confusion.

Bruce Morton
Bruce Morton
Director, Certificate Technology & Standards

Bruce Morton has worked in the public key infrastructure and digital certificate industry for more than 15 years and has focused on SSL and other publicly trusted certificates since 2005. He has been an active member of the CA/Browser Forum that released guidelines for extended validation (EV) certificates and Baseline Requirements for SSL certificates. Bruce oversees the governance and compliance of Entrust’s publicly trusted PKI.


Add to the Conversation