Closed
Bug 1057035
Opened 10 years ago
Closed 10 years ago
The text in the certificate exception dialog for a domain mismatch uses the wrong terminology
Categories
(Core :: Security: PSM, defect)
Core
Security: PSM
Tracking
()
RESOLVED
FIXED
mozilla36
People
(Reporter: keeler, Assigned: Cykesiopka)
References
(Blocks 1 open bug)
Details
Attachments
(3 files, 1 obsolete file)
(deleted),
patch
|
Cykesiopka
:
review+
phlsa
:
ui-review+
|
Details | Diff | Splinter Review |
(deleted),
image/png
|
Details | |
(deleted),
image/png
|
Details |
When adding a certificate override for a domain mismatch, the text currently reads:
"Certificate belongs to a different site, which could indicate an identity theft."
"Identity theft" has a different meaning than what could be happening in these cases (i.e. that someone is attempting to impersonate a site).
Assignee | ||
Comment 1•10 years ago
|
||
This patch uses the terminology from certerror.whatShouldIDo.content.
(addExceptionExpiredLong "[...] It is impossible to verify whether this identity was reported as stolen or lost." also looks like it should be changed, but I'm not sure about this.)
Assignee: nobody → cykesiopka.bmo
Status: NEW → ASSIGNED
Attachment #8511634 -
Flags: review?(dkeeler)
Reporter | ||
Comment 2•10 years ago
|
||
Comment on attachment 8511634 [details] [diff] [review]
bug1057035_v1.patch
Review of attachment 8511634 [details] [diff] [review]:
-----------------------------------------------------------------
Yeah, most of these other descriptions are fairly unclear as well. Anyway, looks good to me. I suggested a few other updates. This should probably also get sign-off from someone from UX before it lands (e.g. :phlsa).
::: security/manager/locales/en-US/chrome/pippki/pippki.properties
@@ +152,5 @@
> #Add Security Exception dialog
> addExceptionBrandedWarning2=You are about to override how %S identifies this site.
> addExceptionInvalidHeader=This site attempts to identify itself with invalid information.
> addExceptionDomainMismatchShort=Wrong Site
> +addExceptionDomainMismatchLong2=Certificate belongs to a different site, which could mean that someone is trying to impersonate the site.
nit: I would say "The certificate..." and "... impersonate this site". (I think all of these should start with "The certificate..." instead of "Certificate...")
@@ +157,2 @@
> addExceptionExpiredShort=Outdated Information
> addExceptionExpiredLong=Certificate is not currently valid. It is impossible to verify whether this identity was reported as stolen or lost.
Maybe something like this: "The certificate is not currently valid. It may have been stolen or lost, and could be used by someone to impersonate this site."
@@ +157,4 @@
> addExceptionExpiredShort=Outdated Information
> addExceptionExpiredLong=Certificate is not currently valid. It is impossible to verify whether this identity was reported as stolen or lost.
> addExceptionUnverifiedOrBadSignatureShort=Unknown Identity
> addExceptionUnverifiedOrBadSignatureLong=Certificate is not trusted, because it hasn't been verified by a recognized authority using a secure signature.
This should probably be "The certificate is not trusted because it hasn't been verified as issued by a trusted authority using a secure signature."
Attachment #8511634 -
Flags: review?(dkeeler) → review+
Assignee | ||
Comment 3•10 years ago
|
||
+ Makes the suggested changes from Comment 2
+ Standardise strings that mention "site" with the phrase "this site" for consistency
Attachment #8511634 -
Attachment is obsolete: true
Attachment #8512418 -
Flags: review+
Assignee | ||
Comment 4•10 years ago
|
||
Comment on attachment 8512418 [details] [diff] [review]
bug1057035_v2.patch
Hi Philipp,
Could you give the new wording a review?
Thanks.
Attachment #8512418 -
Flags: ui-review?(philipp)
Comment 5•10 years ago
|
||
It would be great to see the old and the new version in context.
Could you provide screen shots? Thanks!
Flags: needinfo?(cykesiopka.bmo)
Assignee | ||
Comment 6•10 years ago
|
||
(In reply to Philipp Sackl [:phlsa] from comment #5)
> It would be great to see the old and the new version in context.
> Could you provide screen shots? Thanks!
Sure.
Flags: needinfo?(cykesiopka.bmo)
Assignee | ||
Comment 7•10 years ago
|
||
This is the cert exception dialogue showing the relevant old versions of the error texts.
Assignee | ||
Comment 8•10 years ago
|
||
This is the cert exception dialogue showing the relevant new versions of the error texts.
Comment 9•10 years ago
|
||
Comment on attachment 8512418 [details] [diff] [review]
bug1057035_v2.patch
Thanks for the screenshots!
The new wording is definitely better.
There's a different issue in there (which is likely material for a new bug) in that it is quite hard to decipher which headline belongs to which paragraph (in the leftmost screenshot). But that has nothing to do with the strings, just with the way the text is laid out.
Attachment #8512418 -
Flags: ui-review?(philipp) → ui-review+
Assignee | ||
Comment 10•10 years ago
|
||
Thanks for the reviews!
https://treeherder.mozilla.org/ui/#/jobs?repo=try&revision=707eecbcb322
Keywords: checkin-needed
Comment 11•10 years ago
|
||
Keywords: checkin-needed
Comment 12•10 years ago
|
||
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla36
You need to log in
before you can comment on or make changes to this bug.
Description
•