The only completely secure Https screen is a full certificate
I would like a confirmation on the certificate used in Firefox and other browsers. A web site like President choice financial https://www.txn.banking.pcfinancial.ca/a/authentication/preSignOn.ams which is https but is run by the site "unknown" as oppose to Ing direct which is https://secure.ingdirect.ca/InitialINGDirect.html?command=displayLogin&device=web&locale=en_CA and has a fully qualified certificate.
The PCfinancial shows up with a blue https URL and Ing direct shows up in Green. this clearly suggest that the Blue HTTPs is not as secure as the domain information is missing and therefore could be controled by another party? Please note references to wikipeadia (see https Secure) describes the blue certificate as a "common certificate"
Also note that other sites like twitter have a Green URL when visited. What are the security risks with a Blue URL or display with "which is run by unknown"
所有回覆 (2)
There should normally no problem with sites that still have a DV (Domain Validated) SSL certificate.
Only websites that present an EV (Extended Validated) SSL certificate can be validated by the issuer of the certificate.
With both sites I only get a 3DES-EDE-CBC 168 bit connection and they can benefit from an update of there server software because they aren't supporting AES-256.
I now understand that https with a green background is a high order certificate and the preferred (highest form of security) others https which are grey in the URL field are low order and not as secure.
Because of this I cannot understand why Firefox after version 13 does not should a clear green inverted https "url screen like others like Explorer, Opera and chrome.