New issue
Advanced search Search tips

Issue 692828 link

Starred by 4 users
Status: Duplicate
Merged: issue 663971
Owner: ----
Closed: Feb 2017
Cc:
elawrence@chromium.org
rbasuvula@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug-Regression



Sign in to add a comment

CertificateViewer no longer accessible from the URL bar

Reported by cku...@gmail.com, Feb 16 2017 
UserAgent: Mozilla/5.0 (X11; Linux x86_64; rv:51.0) Gecko/20100101 Firefox/51.0

Steps to reproduce the problem:
1. Open a TLS enabled website
2. The "Secure" icon appears in front of the URL bar
3. Click on the icon - the "Details" button is gone.

What is the expected behavior?
With the current state of TLS, now more than ever it's important to verify by whom a certificate has been signed, when it was signed and to look at the intermediary parties.

If the user clicks on the "Secure" icon, clearly s/he is curious about the details on the security of the connection. Accidently clicking this button could happen, yes. But if the "secure connection" overlay is open anyway, why not offer to display the security details?

What went wrong?
This worked before (maybe v55?) and has been removed from the Chrome browser not long ago. I've not done a git bisect, but #690712 looks related - was this removed on purpose? If so, what's the rationale behind this?

Did this work before? Yes Chromium 55

Chrome version: 56.0.2924.76  Channel: stable
OS Version: Debian 8.7
Flash Version:

Comment 2 by yangyu...@gmail.com, Feb 19 2017 

This is just another pathetic decision made by some Chromium project numbers, by fixing stuff working properly and turn a deaf ear to the community (restricting comments).

Security Overview is very useful not only to view the certificate but also to check TLS version number/key exchange/cipher. Sure it made Chromium so much more secure by making this information difficult to find.

Comment 3 by ranjitkan@chromium.org, Feb 21 2017

Labels: Needs-Triage-M56

Comment 4 by rbasuvula@chromium.org, Feb 21 2017

Cc: rbasuvula@chromium.org elawrence@chromium.org
Labels: -Needs-Triage-M56
Mergedinto: 663971
Status: Duplicate (was: Unconfirmed)
seems this issue is similar to  issue #663971 . Hence merging this issue with 663971.

@elawrence: Could you please take a look in to this issue.Please undup if this is not similar.

Thanks.

Comment 5 by cku...@gmail.com, Feb 21 2017 

 Issue #663971  appears to developer centric - please note that not only developers are affected by this, but also so called "power users" (hah!) who have an interest to know what the "Secure" label really means. Right now it is (IMHO) unnecessarily difficult to open the security details.

If  issue #663971  cares about !developers too, the duplicate status is fine. Thanks.

Sign in to add a comment