New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 302561 link

Starred by 10 users

Issue metadata

Status: Fixed
Owner: ----
Closed: Nov 2014
Cc:
EstimatedDays: ----
NextAction: ----
OS: Android
Pri: 2
Type: ----

Blocking:
issue 302553



Sign in to add a comment

Android: simplify the display of security information in the page info bubble

Project Member Reported by clamy@chromium.org, Oct 1 2013

Issue description

The current display of security information is cryptic for most users. We should provide an abbreviated version in simple language. The old version should still be available, and one click away.
 

Comment 1 by clamy@chromium.org, Oct 1 2013

Blocking: chromium:302553

Comment 2 by mea...@chromium.org, Aug 11 2014

Labels: Cr-Security-UX

Comment 3 by f...@chromium.org, Aug 11 2014

Cc: finnur@chromium.org sashab@chromium.org palmer@chromium.org

Comment 4 by sashab@chromium.org, Oct 15 2014

This is done; strings agreed on in https://docs.google.com/a/google.com/document/d/1Db6KamnUbNmR0_h0QuAtlEvdM1N7hO06-72R8AhMFIs/edit.

However, *the old information is no longer available*. How do we feel about this? Where is a good place to surface the old information that was available, e.g. the specifics of the SSL certificate?

Comment 5 by f...@chromium.org, Oct 16 2014

Cc: egm@chromium.org
This is a good question. One suggestion was that people should get it in DevTools by plugging their phone in to a computer, but I don't know if that satisfies all use cases (might be frustrating for people w/o a computer).

Comment 6 by palmer@chromium.org, Oct 16 2014

Yeah, I am not super comfortable with the remote Dev Tools answer. Even if only because a handful of power users will complain.

Comment 7 by sashab@chromium.org, Oct 16 2014

Cc: benwells@chromium.org
Is putting a button in somewhere an option? It could be something like "More details" and go near the Copy URL button.

We could even work in some Chrome Task Manager style humour somewhere, e.g. "Details for nerds". 

Comment 9 by egm@chromium.org, Oct 17 2014

Ideally I would prefer a consistent solution, where Connection info is accessed from roughly the same place on both Clank and desktop. However, after talking with Chris about this it sounds like Connection info on Clank will only be used by a handful of power users, so we might as well go for the simplest solution on Clank that makes Connection info accessible without needing to plug their phone into a computer. 

All that is to say, +1 to putting an entry point from PageInfo on Clank, but moving Connection info to dev tools on desktop. Rebecca, suggestions on how to integrate the entry point in a subtle way that isn't easily stumbled upon by lay users? "Details for nerds" could be fun :) 
Cc: f...@chromium.org
Adding felt to this discussion - just to confirm, are we happy launching PageInfo in M40 on Android with no way of accessing the existing connection information? Do you think there will be users who will feel we've removed functionality from Android by making the detailed connection information inaccessible?

Comment 11 by f...@chromium.org, Oct 20 2014

Re #10: I am comfortable with launching PageInfo in M40 with no way of accessing the detailed connection info. The new version is better for 99% of users, and we should not block it for a power user feature.

With that being said, we should continue working on it to figure out a solution for M41 or M42 so that both sets of users can have access to the information they need. (To be a bit selfish: I use the connection info tab myself, so I agree we should figure out the right way to make it reappear. :)

Comment 12 by f...@chromium.org, Oct 20 2014

sashab@/egm@, is there already a bug open for the detailed connection info on Clank?

Comment 13 by egm@chromium.org, Oct 20 2014

Just filed a design bug for it: https://code.google.com/p/chromium/issues/detail?id=425158
Status: Fixed
Closing this bug as we now have simplified security information. 425158 will now block the main bug until we add detailed security information back.

Comment 15 by cg6...@gmail.com, May 20 2015

Re #11
97% of users will never even try to hit the padlock - they will just be happy to see the green https. So this change is only relevant to 3% of total users and it has made Android worse for a significant fraction of those users. Additionally, the impact to the people that used the feature is more significant than the improvement other people get.

My phone is part of the tool set I use at work and a feature it had when I purchased it has been removed.

My use case is checking externally presented certificates after updates etc. My computer is on the internal corporate network and won't hit the same interfaces so my Nexus 5 was a convenient way to check from the Internet side. I need to see the expiry date to know which cert I'm getting. 



Comment 16 by f...@chromium.org, May 20 2015

Re #15: you already have your wish, we've brought a link to connection info back into the lock. coming soon once the change rolls out to stable.

Comment 17 by ad...@triumf.ca, Apr 28 2016

Just updated to ff 46.0 on android, latest from play store for my tablet, can't see security link from padlock. Just says 'mixed' or 'secure'. Not good enough - I need to see who issued the certificate and the details to report a security problem, or even to know whether I can trust the website. Right now I don't have a laptop with me, and even if I did the site might redirect differently for a mobile device. I shouldn't have to go to a developer build to get that. Ctrl-I does not seem to work, and very hard to generate anyway (3rd party keyboard app).
advax@triumf.ca: Do you mean Firefox 46.0? As far as I know Firefox doesn't use Chromium UI for this purpose so you'll probably want to contact them instead.
Components: -Security>UX
Labels: Team-Security-UX
Security>UX component is deprecated in favor of the Team-Security-UX label

Sign in to add a comment