Although not released yet, the latest betas of Firefox 4.0 indicate that Mozilla has removed the https lock icon from the browser. Different forms of the lock icon have been used since the earliest commercial releases of Netscape and Internet Explorer browsers. The lock icon is currently used in all major desktop browsers: IE, Firefox, Chrome, Safari, and Opera. It is also promoted as a symbol of security by many web-sites; just do a Google image search on SSL lock or SSL padlock and see for yourself.
Mozilla’s rationalization for dropping the lock icon is that it is a misunderstood symbol and doesn’t indicate that the user is safe. That is, although you have a secure SSL connection, it may not be safe if you don’t know who you are connected to. My thinking is although you may not know who you are connected to, at least the lock icon indicates that you are safe from third-party hackers.
Mozilla does offer other indicators to the left of the address bar. These include a blue button highlighting the domain name for site with domain validated (DV) or organization validated (OV) SSL certificates; or a green button for EV SSL certificates. In both cases, if you click on the button, you will get more information about the web-site and SSL certificate.