[cabfpub] Chrome security warning discrepancy?

Rob Stradling rob.stradling at comodo.com
Mon Jan 26 21:30:48 UTC 2015

BTW, I just filed a new bug for this:


On 26/01/15 20:47, Rob Stradling wrote:
> Dean, what puzzles me about that www.marriott.com screenshot is that
> Chrome makes two apparently conflicting statements (emphasis mine)...
> "Identity _not verified_"
> and
> "The identity of this website _has been verified_ by <CA Name>"
> Which of these two statements is correct?!?
> On 24/01/15 16:55, Dean Coclin wrote:
>> I recently downloaded the newest version of Chrome (Version 40.0.2214.91
>> m)  and am now baffled by the certificate information. Here are 2 examples:
>> This screen shot shows https://www.Marriott.com. First it shows the
>> green lock and https as a normal indication of a secure connection. But
>> below it says the site is using outdated security settings. I thought if
>> it said this, then we would see a yellow indication (triangle or
>> question mark) above. Have things changed?
>> Further, it says “Identity not verified” even though the site has
>> undergone OV vetting and all information in the cert about the company
>> was checked.
>> Contrast this to the 2^nd site below,
>> https://www.carbon2cobalt.com/statuslogin.asp which has a DV cert yet
>> says “Identity verified”:
>> Both sites have had their domain names “validated” yet why say “Identity
>> verified” with a DV cert and not an OV cert?
>> Does anybody understand this?
>> Thanks,
>> Dean
>> _______________________________________________
>> Public mailing list
>> Public at cabforum.org
>> https://cabforum.org/mailman/listinfo/public

Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
Office Tel: +44.(0)1274.730505
Office Fax: +44.(0)1274.730909

COMODO CA Limited, Registered in England No. 04058690
Registered Office:
   3rd Floor, 26 Office Village, Exchange Quay,
   Trafford Road, Salford, Manchester M5 3EQ

This e-mail and any files transmitted with it are confidential and 
intended solely for the use of the individual or entity to whom they are 
addressed.  If you have received this email in error please notify the 
sender by replying to the e-mail containing this attachment. Replies to 
this email may be monitored by COMODO for operational or business 
reasons. Whilst every endeavour is taken to ensure that e-mails are free 
from viruses, no liability can be accepted and the recipient is 
requested to use their own virus checking software.

More information about the Public mailing list