Return of the padlock icon (re: bug 742419)

[beltzner]

G'day,

Bug 742149 was filed with the laudable aim to improve the design of the Firefox "identity block," in order to further streamline the user interface, reduce redundancy in the design, and move towards the future look and feel of Firefox.

A mockup of the design work was provided by the inestimable Stephen Horlander: https://bug742419.bugzilla.mozilla.org/attachment.cgi?id=612253

Two of the major changes in the design are:
- removing the favicon from the Location Bar (it's already in the tab)
- displaying a padlock for sites that have valid SSL encryption

I am actually a great fan of change, and am not putting on a robe and wizard hat and yelling "THOU SHALL NOT PASS, HURRRRR!" I am, however, wondering if anyone took the time to speak to the various members of the Mozilla community responsible for a very intentional move *away* from the padlock icon for mission-related reasons regarding promoting a clearer understanding of user security on the web.

Johnath wrote about this years ago when we started the move away from the padlock, and clearly explains why we made this move:

http://blog.johnath.com/index.php/2007/03/13/revisiting-security-ui-part-1-of-2/
http://blog.johnath.com/2007/03/21/revisiting-security-ui-part-2/

Nothing in the bug or security review indicates that any discussion was had about the risks of re-introducing the padlock in terms of giving users a false sense of security for devalued domain and organization validated certificates. As such, I'm not sure what rationale -- aside from the desire to remove the redundant padlock and the need to replace it with something -- led to the change. I was hoping that someone could explain that a little bit, so that if a debate is had about the merit of the change we're all acting under the same context.

For what it's worth, I think there are ways of accomplishing the clean design without returning to the use of a padlock, and I'd be happy to share those if there's interest, but as I said: I'm acting somewhat in the dark here, and looking for more information.

cheers,
mike

[Gervase Markham]

On 24/04/12 14:51, beltzner wrote:
> Nothing in the bug or security review indicates that any discussion
> was had about the risks of re-introducing the padlock in terms of
> giving users a false sense of security for devalued domain and
> organization validated certificates.

And, equally as important I think, the reversal to move away from
emphasizing identity back towards "security" (however that is defined).

I share beltzner's desire for some context around why the padlock was
introduced, and whether the team think the factors which caused us to
explicitly move away from the padlock have changed.

Gerv

[alex_mayorga]

I believe the padlock was reintroduced on the assumption that the icon being "chrome" now it is not possible to easily spoof it using a favicon (something we lost when the status bar was removed).

Now the logic is somehow like this:
padlock (gray) = HTTPS
padlock (green) = HTTPS+EV
world = HTTP

I'm just a Nightly tester and got this understanding from https://bugzilla.mozilla.org/show_bug.cgi?id=588270 so lease take this with "a grain of salt" or "sugar coating" as needed ;-)

Alex

[Gus Richter]

On 4/24/2012 1:47 PM, alex_mayorga wrote:
> Now the logic is somehow like this:
> padlock (gray) = HTTPS
> padlock (green) = HTTPS+EV
> world = HTTP

Just as outlined and explained in a blog yesterday:

<http://msujaws.wordpress.com/2012/04/23/an-update-to-site-identity-in-desktop-firefox/>

--
Gus

[Matthew Turnbull]

On 04/24/2012 09:51 AM, beltzner wrote:
> Two of the major changes in the design are:
> - removing the favicon from the Location Bar (it's already in the tab)
> - displaying a padlock for sites that have valid SSL encryption

It's also worthwhile pointing out that most of the emphasis on the
identity block has been removed. Previously it was brightly colored,
which made it stand out in the UI (as it should). Now it's faint greys
and greens, which blends in perfectly with the rest of the muted text on
the location bar.

There is Bug 747083
<https://bugzilla.mozilla.org/show_bug.cgi?id=747083> to make the icon
darker, but color-on-white is still a loss of emphasis compared to
white-on-color.

> For what it's worth, I think there are ways of accomplishing the clean design without returning to the use of a padlock, and I'd be happy to share those if there's interest, but as I said: I'm acting somewhat in the dark here, and looking for more information.

I agree. I understand the rational of removing the site icon, but I
can't seem to find any reasoning for going back to the padlock. There's
also Bug 747090 <https://bugzilla.mozilla.org/show_bug.cgi?id=747090> to
differentiate the icon for the mixed-content state, which I'm not sure
is a step in the right direction either.

Personally, I'd be in favor of simply a grey/blue/green world icon and
drop the padlock/mixed-content all together.

[Art Kocsis]

At 4/24/2012 06:51 AM, you wrote:
>Bug 742149 was filed with the laudable aim to improve the design of the
>Firefox "identity block," in order to further streamline the user
>interface, reduce redundancy in the design, and move towards the future
>look and feel of Firefox.
>
>A mockup of the design work was provided by the inestimable Stephen
>Horlander: https://bug742419.bugzilla.mozilla.org/attachment.cgi?id=612253
>

>Two of the major changes in the design are:
> - removing the favicon from the Location Bar (it's already in the tab)

So, again, misguided form wins out over function. The favicon in the
location bar is there for more than looks - it is, among other things, it
is the hook that enables dragging the URL to the desktop, bookmarks,
toolbars, other windows, other groups, etc. In some cases, dragging the tab
exhibits an identical behavior (drag to toolbar), sometimes different (drag
to anther window MOVES, not COPIES, the URL) and is entirely non-existent
(drag to desktop).

This demo UI looks "clean" ... and is totally unworkable. In the top line,
a sub-minimal set of toolbar icons and a very small number of tabs are
crowded together while the next line is almost entirely taken up by the
location window. Is this totally dedicated space? Will this bar be
"customizable" and allow additional icons? What happens when there are more
than 5-6 tabs? There is no space left for titles. BTW, most of the world
looks at the tab titles/descriptions to determine the page, not the URL.
Anyway, tabs should be built into FF in a side panel which can be
completely user resizable with a mouse drag (from zero to full width), such
as with TabKit, Vertical Tabs or Opera.

The functionality and usability of FF is, not so slowly, being chipped away
until soon there will be nothing left but a blank screen. Might as well go
back to the DOS prompt.

>I am actually a great fan of change, and am not putting on a robe and
>wizard hat and yelling "THOU SHALL NOT PASS, HURRRRR!" I am, however,
>wondering if anyone took the time to speak to the various members of the
>Mozilla community responsible for a very intentional move *away* from the
>padlock icon for mission-related reasons regarding promoting a clearer
>understanding of user security on the web.

I doubt it. What I have observed is that time and time again a single
developer unilaterally decides to change or block something because that is
the way he wants it and, obviously, that is the way the world should
follow. Those of us that do not use full screen and have more than one
sheet of paper on our desks, want a full set of controls and functions
available with a single click or don't want to chase the latest UI fad are
just SOOL.

Namaste', Art

[Jim]

On 04/24/2012 06:23 PM, Art Kocsis wrote:
> So, again, misguided form wins out over function. The favicon in the
> location bar is there for more than looks - it is, among other things,
> it is the hook that enables dragging the URL to the desktop, bookmarks,
> toolbars, other windows, other groups, etc.

Have you tried the latest Nightly? I have, and all of the things you
mention can be done by dragging the padlock/globe icon.

In general, I think it's best to test out a new feature (or at least ask
politely for more information) before assuming the worst.

- Jim

[Matthew Turnbull]

On 04/24/2012 07:23 PM, Art Kocsis wrote:
> So, again, misguided form wins out over function. The favicon in the
> location bar is there for more than looks - it is, among other things,
> it is the hook that enables dragging the URL to the desktop,

> bookmarks, toolbars, other windows, other groups, etc. In some cases,
> dragging the tab exhibits an identical behavior (drag to toolbar),
> sometimes different (drag to anther window MOVES, not COPIES, the URL)
> and is entirely non-existent (drag to desktop).

There is still an icon on the identity block, and it can still be
dragged around to bookmark the page (and so on). As far as I can tell,
no functionality has been lost; this was a purely visual change.

But you would have known that, if you tested it out.

[Andrew Joakimsen]

To be quite frank all this "security" bullshit is sickening. The browser
should not attempt to know better than the user and the browser should not
compensate for the user's stupidity.

The padlock icon indicates the connection is encrypted with SSL. Nothing
less and nothing more. Where someone got the misguided notion that the
padlock icon indicates "safety" I don't know and I don't care.

What I do care about is I have noticed the padlock icon is missing in
recent versions of Firefox and with this icon missing it makes it harder
for me to quickly determine if I am viewing an SSL site or not.

Please, I beg of all of you: let us not strive to develop a browser that
caters towards idiots.

[Gavin Sharp]

Thanks for the feedback Andrew. Unfortunately your views aren't shared
by the Mozilla project - users who don't understand the intricacies of
crypto and SSL aren't "idiots", they're just people for whom other
concerns are quite reasonably more important, and they represent the
majority of our user base. While you may think that we shouldn't
bother trying to make a web browser for them, we disagree.

Gavin

> _______________________________________________
> dev-apps-firefox mailing list
> dev-apps...@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-apps-firefox

[emanuele...@gmail.com]

On Wednesday, April 25, 2012 3:35:26 PM UTC+2, Gavin Sharp wrote:
> Thanks for the feedback Andrew. Unfortunately your views aren't shared
> by the Mozilla project - users who don't understand the intricacies of
> crypto and SSL aren't "idiots", they're just people for whom other
> concerns are quite reasonably more important, and they represent the
> majority of our user base. While you may think that we shouldn't
> bother trying to make a web browser for them, we disagree.

The currently undergoing UI simplification, though, seems to be driving away more and more power users. I'm currently enrolled in an IT Master's Degree course, and I'm noticing how a good amount of colleagues are switching to Chrome by the day.
The advantages Firefox used to have for a power user are decreasing, and the UI is getting as 'bad' as Chrome's (yes, I call it a bad UI design, which started with with moving tabs to the titlebar and removing the RSS icon, now arrived to the removal of favicons from the location bar, and it'll very likely end up getting us space-wasting, curvy tabs soon - though I realize that may be personal preference. Replace 'bad' with 'Chrome-like' when reading, if you prefer), why not just switch to Chrome altogether, which is possibly less buggy in many places? (Firefox still doesn't have swipe animations and modern scrollbars in OS X Lion just to say one, not to mention the currently missing tab detach animation - you never know if you're detaching a tab, moving it around, or making it into a bookmark until it's already too late...) And that's what I've seen many power users do.

Originally, the majority of users of Firefox (or Phoenix, Firebird, etc) were power users, attracted by the plain design and customizability of the browser (I'm one of those). And I believe you should still consider them as one of the targets.

I know this probably is a very complex suggestion which requires a lot of under the hood changes, but why not offer a chance to customize the Location Bar, just like we can customize toolbars? That way users who want it could drag favicons, identity blocks, RSS indicators, loading progress indicators, throbbers, and whatever other element they like into and out of their location bar. And it'd avoid discussions like this altogether. You could default it not to show a favicon, and anyone could just add it back with a click and a drag, without having to resort to countless addons.

That's it. I'm just pining for more UI customizability, rather than seeing familiar interface elements gone everyday.

[beltzner]

I'd actually appreciate it if people didn't hijack this thread, quite honestly. I'm not complaining about the process, nor the change itself, I'm asking for the designers and those responsible for bringing about the change to help me understand if they'd considered the impact of returning to the lock metaphor, and to share their thoughts on that.

The other points are all variously valid and interesting, but not what I'm looking for, and I'd appreciate it if we kept this thread on topic to the original question.

Thanks!

cheers,
mike

[alex_mayorga]

I like this approach but would like two more colors to be added for scams and untrusted connection[2].

red world = phishing/malware
yellow world = untrusted connection
gray world = HTTP
blue world = HTTPS
green world = HTTPS+EV

The UI would be less "jumpy" IMHO and there's one less icon to maintain.

For bonus points, make the color shades match the ones on the "Larry"[3] icon that would show when the world is clicked and the door hanger appears.

This way the "browse safely by colors" lesson I gave to mom and my in-laws two or three spring breaks ago wouldn't go to waste entirely ;-)

Alex

[1] http://www.mozilla.org/en-US/firefox/phishing-protection/
[2] https://support.mozilla.org/en-US/kb/This%20connection%20is%20untrusted
[3] https://support.mozilla.org/en-US/kb/Site%20Identity%20Button

[Robert Kaiser]

Matthew Turnbull schrieb:

> It's also worthwhile pointing out that most of the emphasis on the
> identity block has been removed. Previously it was brightly colored,
> which made it stand out in the UI (as it should). Now it's faint greys
> and greens, which blends in perfectly with the rest of the muted text on
> the location bar.

"blends in perfectly" is a euphemism for "you cannot see any difference
any more between the name of the EV owner and the URL", which IMHO is a
one of the really bad outcomes of this redesign.

Also, in the previous identity block redesign, which led to what we had
until this change came along, I remember that replacing the favicon with
a lock (for SSL) or generic icon (for non-SSL) was discussed and
discarded because of concerns that 1) the padlock is an incredibly bad
metaphor and 2) users just mistake that icon for the favicon anyhow due
to the training they had up until now from all browsers.
I wonder why those arguments have not been addressed a bit in
discussions of the new design.

Robert Kaiser

[Robert Kaiser]

Matthew Turnbull schrieb:

> There is still an icon on the identity block, and it can still be
> dragged around to bookmark the page (and so on).

Which is completely unintuitive, esp. for the padlock icon. Why in the
world should I know to drag the padlock to bookmarks the page or put the
site's favicon (!) as a link on my desktop?

Robert Kaiser

[Michael Verdi]

On Apr 24, 2012, at 8:51 AM, beltzner wrote:
>
> Nothing in the bug or security review indicates that any discussion was had about the risks of re-introducing the padlock in terms of giving users a false sense of security for devalued domain and organization validated certificates. As such, I'm not sure what rationale -- aside from the desire to remove the redundant padlock and the need to replace it with something -- led to the change. I was hoping that someone could explain that a little bit, so that if a debate is had about the merit of the change we're all acting under the same context.

I'd love this explanation as I'll have to recreate it in our documentation.

On Apr 24, 2012, at 12:47 PM, alex_mayorga wrote:

> I believe the padlock was reintroduced on the assumption that the icon being "chrome" now it is not possible to easily spoof it using a favicon (something we lost when the status bar was removed).

Again, I'd love to get some insight into that discussion. It seems to me that a padlock favicon in the tab may not be all that distinguishable for some people from a padlock in the identity block.

On Apr 24, 2012, at 4:41 PM, Gus Richter wrote:

> Just as outlined and explained in a blog yesterday:
>
> <http://msujaws.wordpress.com/2012/04/23/an-update-to-site-identity-in-desktop-firefox/>

Outlined; yes. Explanation of why we're returning to the use of the padlock (also in Firefox for Android BTW); not really.

- Michael

--
Michael Verdi • support.mozilla.org • irc: verdi

[Andrew Joakimsen]

On Wed, Apr 25, 2012 at 09:35, Gavin Sharp <ga...@gavinsharp.com> wrote:

> Thanks for the feedback Andrew. Unfortunately your views aren't shared
> by the Mozilla project - users who don't understand the intricacies of
> crypto and SSL aren't "idiots", they're just people for whom other
> concerns are quite reasonably more important, and they represent the
> majority of our user base. While you may think that we shouldn't
> bother trying to make a web browser for them, we disagree.
>
>

The SSL icon indicates the page is displayed through a secure (encrypted)
communications channel. Where you jump to conclusions that it somehow
indicates to the user that the page itself, it's content, the operator of
it, etc are all "safe" is where idiocy comes to play. Currently I am using
Firefox 10 and it does show a lock icon and the text "Your connection to
this website is encrypted to prevent eavesdropping." That same text could
be placed in a tooltip for the new location of the padlock icon. Someone
who doesn't know what it means could use the tooltip to determine what it
means. There could also be further clarification when the padlock is
clicked.

How else is someone who has never used Firefox know how to use it? There is
the first run splash screen, help pages, search engines, etc. Do you expect
every person to know exactly what ever UI element in Firefox does and
exactly what the developer's intent is? Does someone who gets behind the
wheel of an automobile for the first time automatically know how to use it?
I am sure many would not. Will they know the exact purpose and function of
each control, switch or dial? Should we remove the steering wheel and other
controls, indicators, etc from automobiles and make mandatory an autopilot
system because it is possible some people, especially inexperienced users,
will be confused by the current controls? What if they don't know how to
use the autopilot. Conclusion by Firefox logic: ban cars because someone
might now know how to use one. Rather absurd logic.

[Paul [sabret00the]]

On Thursday, 26 April 2012 00:37:07 UTC+1, Andrew Joakimsen wrote:

I'm struggling to see your point Andrew. The only thing I can make out is that it's off topic. Please stop unless you have something to add to this specific topic.

[Paul [sabret00the]]

On Thursday, 26 April 2012 00:37:07 UTC+1, Andrew Joakimsen wrote:

[beltzner]

On Wednesday, April 25, 2012 2:54:16 PM UTC-4, alex_mayorga wrote:
> I like this approach but would like two more colors to be added for scams and untrusted connection[2].

Indeed, if we're at the point where alternative designs are being entertained, I certainly like the idea of either overloading the globe/document icon, though as others have mentioned, colour alone isn't accessible.

Instead, I'd suggest:

- non-SSL connections get a grey globe icon
- SSL connections get an identity icon (Larry or similar)
- EV-SSL connections get the gree identity icon in the identity block along with OU name
- phishing/malware sites get a red identity icon

So, basically what the current design is, but retaining the new metaphor of identity instead of returning to the padlock.

cheers,
mike

[beltzner]

On Wednesday, April 25, 2012 2:54:16 PM UTC-4, alex_mayorga wrote:

> I like this approach but would like two more colors to be added for scams and untrusted connection[2].

[Wing]

Chromium has already implemented it. The address bar only shows the global (http) or padlock (https)
and they move the favicon to the individual tab. It isn't something new, at least to me. I have been
using both Ff (stable build) and chromium (dev build) together for a while.

--
Wing

[Dr J R Stockton]

In mozilla.dev.apps.firefox message <mailman.23275.1335314117.31724.dev-
apps-f...@lists.mozilla.org>, Tue, 24 Apr 2012 20:35:06, Matthew
Turnbull <spa...@bluefang-logic.com> posted:

>
>There is still an icon on the identity block, and it can still be
>dragged around to bookmark the page (and so on). As far as I can tell,
>no functionality has been lost; this was a purely visual change.
>
>But you would have known that, if you tested it out.

Functionality is lost if the ordinary users do not know, and remember,
how to do it. It is not sufficient for just the developers to be able
to use the feature.

IE8, Opera, Safari, Chrome all have better Home icons than Firefox; for
example, they all have chimneys. That of Firefox looks at best like a
mere dog-kennel - does that say something about the pay of Mozilla
developers? Actually, the Firefox one looks more like an up-arrow than
anything else; it is deceptive. Let us have a proper house.

--
(c) John Stockton, nr London UK ?@merlyn.demon.co.uk IE8 FF8 Op11 Sf5 Cr15
news:comp.lang.javascript FAQ <http://www.jibbering.com/faq/index.html>.
<http://www.merlyn.demon.co.uk/js-index.htm> jscr maths, dates, sources.
<http://www.merlyn.demon.co.uk/> TP/BP/Delphi/jscr/&c, FAQ items, links.

[Philip Chee]

On Thu, 26 Apr 2012 11:57:16 -0500, Wing wrote:
> On Wed, 25 Apr 2012 21:17:28 +0200, Robert Kaiser wrote:
>
>> Matthew Turnbull schrieb:
>>> It's also worthwhile pointing out that most of the emphasis on the
>>> identity block has been removed. Previously it was brightly colored,
>>> which made it stand out in the UI (as it should). Now it's faint greys
>>> and greens, which blends in perfectly with the rest of the muted text
>>> on the location bar.
>>
>> "blends in perfectly" is a euphemism for "you cannot see any difference
>> any more between the name of the EV owner and the URL", which IMHO is a
>> one of the really bad outcomes of this redesign.
>>
>> Also, in the previous identity block redesign, which led to what we had
>> until this change came along, I remember that replacing the favicon with
>> a lock (for SSL) or generic icon (for non-SSL) was discussed and
>> discarded because of concerns that 1) the padlock is an incredibly bad
>> metaphor and 2) users just mistake that icon for the favicon anyhow due
>> to the training they had up until now from all browsers.
>> I wonder why those arguments have not been addressed a bit in
>> discussions of the new design.
>>
>> Robert Kaiser
>
> Chromium has already implemented it. The address bar only shows the global (http) or padlock (https)

A million lemmings have already implemented it isn't very convincing. At
least there should be an explanation on why the team behind our previous
implementation got it totally wrong.

> and they move the favicon to the individual tab. It isn't something new, at least to me. I have been
> using both Ff (stable build) and chromium (dev build) together for a while.

Phil

--
Philip Chee <phi...@aleytys.pc.my>, <phili...@gmail.com>
http://flashblock.mozdev.org/ http://xsidebar.mozdev.org
Guard us from the she-wolf and the wolf, and guard us from the thief,
oh Night, and so be good for us to pass.

[Paul [sabret00the]]

On Friday, 27 April 2012 07:05:06 UTC+1, Philip Chee wrote:
> On Thu, 26 Apr 2012 11:57:16 -0500, Wing wrote:
> > On Wed, 25 Apr 2012 21:17:28 +0200, Robert Kaiser wrote:
> > Chromium has already implemented it. The address bar only shows the global (http) or padlock (https)
>
> A million lemmings have already implemented it isn't very convincing. At
> least there should be an explanation on why the team behind our previous
> implementation got it totally wrong.

I'm with a lot of users, who also are curious as to what is happening in regards to the design of Firefox. It seems to be chrome-like for chrome-like-sake. I assumed this was a decision that was flushed out on the intranet forums, yet everyone I've spoken to seems to be just as confused as I am as to why the UX team has given up on original design concepts.

I think especially with this padlock decision, was there room for improvement on the previous design? Certainly! Is this the best possible direction? I don't believe it is. Even with the standard non-SSL icon. We have the capacity to get cute a little and implement some branding, what's wrong with using the Firefox logo there? And with SSL, a blue gate overlayed on top of the logo? EV-SSL a green gate?.

If there was a reason chosen to reintroduce the lock, that's so compelling everyone would say "of course that makes total sense" then by all means, replace the gates with padlocks.

Though sadly, I feel that the general feelings I've seen conveyed of those observing the evolution path of Firefox is that the UX team is simply going to trust in the research and decisions the Chrome team is making and blindly follow them.

[beltzner]

On Friday, April 27, 2012 3:16:18 AM UTC-4, Paul [sabret00the] wrote:

> Though sadly, I feel that the general feelings I've seen conveyed of those observing the evolution path of Firefox is that the UX team is simply going to trust in the research and decisions the Chrome team is making and blindly follow them.

While I disagree with your conclusion, and find it a little spurious, I humbly suggest that it's a broader matter for a different thread.

Jared actually got back to me in private email - he feels that this thread has already wandered pretty far into the weeds. Essentially, though, what he said was:

* actually no, the UX team hadn't spoken with Johnath or anyone about what had led to the creation of Larry, but they will definitely do so now that it's been brought to their attention

* the padlock icon was chosen primarily to differentiate between "non-http" and "http", and secondarily to provide a consistent metaphor between all browsers for that concept

I replied to Jared re-iterating the point that while consistency in metaphor is important, the over-interpretation of the specific metaphor (lock) has been proven to be problematic. I also gave him my suggestion which was to use Larry instead of a padlock, keeping the metaphor of "identity" instead. He said that the UX team would discuss this.

And now you all know!

[Gervase Markham]

On 27/04/12 15:03, beltzner wrote:
> I replied to Jared re-iterating the point that while consistency in
> metaphor is important, the over-interpretation of the specific
> metaphor (lock) has been proven to be problematic. I also gave him my
> suggestion which was to use Larry instead of a padlock, keeping the
> metaphor of "identity" instead. He said that the UX team would
> discuss this.

Awesome - thank you :-)

Gerv

[Jared Wein]

> * actually no, the UX team hadn't spoken with Johnath or anyone about what had led to the creation of Larry, but they will definitely do so now that it's been brought to their attention

For clarification, *I* had not spoken with Johnath beforehand. I can't speak for anybody else.

- Jared

[alex_mayorga]

I for one would like the globe/padlock to be replaced by the gray/blue/green/red/yellow globe that matches the color hues of "Larry" icons described on "Firefox 3: Site Identification button"[1] and Firefox knowledge base entry on "Site Identity Button"[2].

The UI would be less "jumpy" IMHO and there's one less icon to maintain.

Also if you still want to maintain the drag favicon affordances from the past I'd say the globe should be more "buttony" if still low key (i.e. keep the | that appears on HTTPS+EV and add a slight shade of gray/blue/yellow/red just like in the green HTTPS+EV case)

But what do I know, I'm just a Nightly tester ;-)

Alex

[1] http://www.dria.org/wordpress/archives/2008/05/06/635/
[2] https://support.mozilla.org/en-US/kb/Site%20Identity%20Button

[beltzner]

I don't think there's a need to repeat yourself, Alex. Jared mentioned that he'd been following the thread and saw all the alternative suggestions :)

cheers,
mike

[Paul [sabret00the]]

Thanks for sharing.

[Justin Wood (Callek)]

Any chance you can request the UX team to send a notice to this
group/list if they make a decision either to keep the lock, or to switch
to a different Larry Metaphor.

More as a "Hey thanks for the feedback, this is what we're planning"
rather than "Lets bikeshed" in my eyes. That may be asking too much
though, and if so I respect that and will accept that.

--
~Justin Wood (Callek)

[EE]

On 2012-04-26 11:41, Dr J R Stockton wrote:
> In mozilla.dev.apps.firefox message<mailman.23275.1335314117.31724.dev-
> apps-f...@lists.mozilla.org>, Tue, 24 Apr 2012 20:35:06, Matthew
> Turnbull<spa...@bluefang-logic.com> posted:
>
>>
>> There is still an icon on the identity block, and it can still be
>> dragged around to bookmark the page (and so on). As far as I can tell,
>> no functionality has been lost; this was a purely visual change.
>>
>> But you would have known that, if you tested it out.
>
>
> Functionality is lost if the ordinary users do not know, and remember,
> how to do it. It is not sufficient for just the developers to be able
> to use the feature.
>
> IE8, Opera, Safari, Chrome all have better Home icons than Firefox; for
> example, they all have chimneys. That of Firefox looks at best like a
> mere dog-kennel - does that say something about the pay of Mozilla
> developers? Actually, the Firefox one looks more like an up-arrow than
> anything else; it is deceptive. Let us have a proper house.
>

I cannot believe how picky some people can be. Someone using Mac
Thunderbird was complaining that the icon for an extension did not
harmonize with the other icons on the toolbar.
I thought the home icon was going to be removed some time soon? There
were at least rumours about that.

[Ron Hunter]

I guess that would something based on the Biltmore house? Or perhaps,
Bill Gates place?

[Stephen Horlander]

On 2012-04-27 14:03:32 +0000, beltzner said:
> * actually no, the UX team hadn't spoken with Johnath or anyone about
> what had led to the creation of Larry, but they will definitely do so
> now that it's been brought to their attention

That isn't entirely true :) While we did not specifically talk to
Johnath before we designed this everyone was cognizant of the ideas and
rationale behind that design. I have also spoken to him since this
landed.

This design (including the padlock) has been kicked around in various
iterations since before Fx4. You may be familiar with the numerous
different designs for the evolving the identity block :)

Eventually we decided that the designs behind using an inline identity
block were too fragile.

> * the padlock icon was chosen primarily to differentiate between
> "non-http" and "http", and secondarily to provide a consistent metaphor
> between all browsers for that concept

That is mostly right, but I can expand on the rationale behind the
entirely of the changes.

Goals for this design are:

- Reduce redundancy in main UI by only having one favicon (in the tab)
- Increase security by removing the ability for websites to spoof the favicon
- (Re) Introduce a consistent encryption indicator
- Streamline the URL bar and its contents for Australis
- Have a consistent location for accessing the identity panel
- Retain the drag target for bookmarks


While working towards these goals we identified some other problems in
the current UI we wanted to address:

- Not to knock Larry, because I love that guy, but he isn't a very
recognizable metaphor for identify unless you find yourself going
through customs frequently.
- Larry also does not scale down to 16x16 very well
- The color "blue" doesn't have any special meaning attached to it.
Just "blue".
- We have no recognizable icon that indicates your data is encrypted.


Taking all that into account we have the new design:
http://cl.ly/401E0Z3A0e1F3T2u1J3C

(From top to bottom)

- Default state
- SSL state
- EV state
- Mixed/broken encryption state
- Malware/phishing state

The generic globe indicates a regular site and serves as a consistent
drag target and access point for the identity panel. For SSL we
re-added the lock icon and show "https". EV has pretty much the same UI
with the addition of the lock and the removal of the button affordance.
Green as a color does have meaning as in "Go" or "Healthy" and it has
been actively associated with Extended Validation certs by browser
vendors and CAs. For the mixed state the plan is to have a warning icon
to indicate something is wrong and drop the "https" because you aren't
truly encrypted at this point.

Now, as to why we decided to use the padlock icon :) It is the
universally accepted icon for encrypted connections. We could come up
with a new metaphor, although this is a) difficult and b) a new
metaphor is just as likely to get conflated meanings in the same way
the lock might have. We are still exposing identity in the panel and
more importantly for the actually meaningful EV case.

We still have some improvements to make to the new design to make the
green more noticeable and the SSL lock a little more noticeable. Also
the updated mixed state icon.


Next steps for improving security UI include:

- A more easily readable identity panel
- Exposing more information about your relationship with the site e.g.
how many times have you been there
- Notifying you if you are submitting sensitive data over unencrypted
connections
- Notifying you if you are submitting data to a site for the first time

And more, we would love more ideas here.

Thanks!

[Andrew Joakimsen]

How exactly are you defining "broken encryption?"

[beltzner]

On Thursday, May 3, 2012 4:32:07 PM UTC-7, Andrew Joakimsen wrote:
> How exactly are you defining "broken encryption?"

By showing no encryption, I suspect, since that's a decision made at lower levels of the code to which the UI responds. Since Firefox 3.6 (or earlier? memory is hazy) mixed-content SSL has been presented as "no SSL" or "same as http".

cheers,
mike

[beltzner]

On Thursday, May 3, 2012 4:32:07 PM UTC-7, Andrew Joakimsen wrote:

> How exactly are you defining "broken encryption?"

[Axel Grude]

On 27/04/12 15:03, beltzner wrote:

> On Friday, April 27, 2012 3:16:18 AM UTC-4, Paul [sabret00the] wrote:
>
>> Though sadly, I feel that the general feelings I've seen conveyed of those observing the evolution path of Firefox is that the UX team is simply going to trust in the research and decisions the Chrome team is making and blindly follow them.
>
> While I disagree with your conclusion, and find it a little spurious, I humbly suggest that it's a broader matter for a different thread.
>
> Jared actually got back to me in private email - he feels that this thread has already wandered pretty far into the weeds. Essentially, though, what he said was:
>
> * actually no, the UX team hadn't spoken with Johnath or anyone about what had led to the creation of Larry, but they will definitely do so now that it's been brought to their attention

Thanks for that.

Could we preview the new Larry-Icon somewhere? I think it would still be nice to add
an option for displaying the favIcon somewhere in the awesome bar, clearly positioned
in a way that it cannot be mistaken with the identity icon. But maybe that was the
problem all along, that is probably not possible. Still if it was hidden by default it
wouldn't matter that much. It could then be enabled by theme author or a
userChrome.css hack.

Axel

[Axel Grude]

FYI: I think in this case Chrome actually shows a red https: which is crossed out
diagonally. Which freaked out a friend of mine who did a google search; she thought
she got a virus.

[Axel Grude]

On 25/04/12 05:25, Andrew Joakimsen wrote:
> To be quite frank all this "security" bullshit is sickening. The browser
> should not attempt to know better than the user and the browser should not
> compensate for the user's stupidity.
>
> The padlock icon indicates the connection is encrypted with SSL. Nothing
> less and nothing more. Where someone got the misguided notion that the
> padlock icon indicates "safety" I don't know and I don't care.
>
Andrew, this was replaced with the green / blue / normal color scheme, and we are
currently enforcing this pretty vigorously also with the theme authors these days
(even the ones that make monochrome or dark themes, such as bloomind ft deepdark or
Lavafox). I personally prefer the big color area to a little icon, but that's just a
matter of taste.

Axel
AMO Editor

[alex_mayorga]

Mr. Horlander,

This looks good IMHO.
Would you consider throwing in a light shade of blue that matches "Larry" on SSL state, please?

Thanks!
Alex

[Chris Ilias]

On 12-05-05 11:50 AM, Axel Grude wrote:
> Could we preview the new Larry-Icon somewhere?

Are you referring to the change that triggered this thread? You can test
it on the Aurora channel
<http://www.mozilla.org/en-US/firefox/channel/#aurora/aurora-desktop>.

[Robert Kaiser]

Stephen Horlander schrieb:

> - Retain the drag target for bookmarks

While it's still there in terms of how to do things, it doesn't feel
like it's there any more. Also, dragging the padlock to the bookmarks
bar to get the favicon of the page into the bookmarks bar is quite
unintuitive and IMHO even confusing.

Robert Kaiser

[Ron Hunter]

Wouldn't it make more sense to move the lock icon to the right of the
URL (where it wouldn't be subject to being usurped, and leave the
favicon in its current location?

[Andrew Joakimsen]

On Tue, May 15, 2012 at 9:15 PM, Ron Hunter <rphu...@charter.net> wrote:
> Wouldn't it make more sense to move the lock icon to the right of the URL
> (where it wouldn't be subject to being usurped, and leave the favicon in its
> current location?

Someone wants the favicon to appear only a single time and only in the tab.

I sort of agree (I am using Firefox 9 from a few weeks back, maybe it
has changed in versions 10, 11 or 12?) -- it looks somewhat cluttered
and redundant, although I really don't care about such minor design
details and would rather see that effort expended in fixing serious
usability issues in other places.

[Ron Hunter]

The problem with putting the favicon in the tab is that some people only
have one tab open most of the time, and thus don't have a tab visible as
this is a waste of valuable vertical screen space. TestPilot stats
indicate that most users don't have more than one tab open most of the
time, thus no favicon would be visible.
You would be amazed at the really trivial user interface aspects that
users seize upon as reasons to change browsers, even if the new browser
works the same way....

[Matrus]

On Wednesday, May 16, 2012 10:00:14 AM UTC+2, Ron Hunter wrote:

> The problem with putting the favicon in the tab is that some people only
> have one tab open most of the time, and thus don't have a tab visible as
> this is a waste of valuable vertical screen space.

It's not a problem with the default configuration. Firefox hasn't been hiding the tab bar since the 3.x days, even with only a single open tab.

[Ron Hunter]

How many users actually use an unmodified default configuration?
A good Testpilot question?

[Nukeador]

Hi,

So the new behavior is going to be maintained?

I want to add my 2 cents here.

I've observed users having problems identifying when a site is not
secure and when is not with the new design. The color code we had was
great and avoided confusion, now most sites look the same, the only
difference is a tiny gray padlock or globe icon. Only extended validated
domains seem to be secure.

Regards.

--
Rubén Martín [Nukeador]
Mozilla Reps Council Member
http://www.mozilla-hispano.org
http://twitter.com/mozilla_hispano
http://facebook.com/mozillahispano

[alex_mayorga]

Rubén,

As your 2 cents seem to match mine I took the liberty to file "Bug 761179 - Padlock for non-EV case should show a separator and a shade of blue"[1]

Feel free to confirm it and assign it to the right component if you think is worth it.

Regards,
Alex

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=761179