[cabfpub] downgrade DV UI RE: OIDs for DV and OV

Sigbjørn Vik sigbjorn at opera.com
Wed Nov 5 13:28:41 UTC 2014

On 04-Nov-14 22:32, Eddy Nigg wrote:
> On 11/04/2014 03:09 PM, Richard Wang wrote:
>> *How about display “domain ownership verified” instead of “Identity
>> verified”*
> If at all it should be clearly "domain control validated" - that's what
> it is, not more and also not less.

UI is hard, if you have issues with the particular UI of a particular
browser, you should file a bug report with that browser. However, in
this case, I believe "Identity verified" is correct", and that "domain
control validated" is incomprehensible incorrect gibberish :P

The browser has verified that the site really is the site that is shown;
the identity of the site has been verified. This is also what it shows
to the user, so this is correct. If the address bar (and the text next
to "Identity verified") says match.com, the user can be sure that the
site shown really is match.com. The browser has not verified that the
site belongs to or is controlled by any particular organization, nor
does it state that, nor should it state that.

"Domain" in English means "territory". Stating "Territory control
verified" is incomprehensible gibberish, "domain" is only understandable
to people who speak technobabble, which most users don't. The words in
the UI refer to what the browser has done, not what some third party has
done, and the browser has not validated any domain control, so stating
that would additionally be incorrect. Hence "incomprehensible incorrect

For the record, Opera does not believe in any distinction between OV and
DV, it is hard to see how this would aid users. EV is already available
for those who care about identity. Personally, I am not even convinced
about the DV/EV distinction in primary chrome, I believe it confuses as
much as it aids, preferably I'd just show users a single "Secure/not
secure" indicator, delegating anything else to secondary chrome. (If EV
actually provided extra security over regular https - e.g. minimum
TLSv1.1, then I might be convinced of the benefits, but that is a
different discussion.)

Sigbjørn Vik
Opera Software

More information about the Public mailing list