Copyright © 2009 What The Hell? Security
Assume for a moment that you are a legitimate business entity called Example.com. By legitimate I mean you have been vetted in a way that demonstrates you qualify for an Extended Validation SSL (EV-SSL) certificate, whether or not you actually own one or even want to. You publish a webform on your site for consumers to maintain their personal medical history.
You have at your disposal a means to assure a consumer than the form she is at this very moment staring at is yours. By assure I mean:
- prior to her entering any information into the form …
- effortlessly surfacing …
- helpful facts in arbitrary quantity about the form, plus Example.com in general, plus things to do with its Web presence …
- in a manner usable (if not downright inviting, as judged by an HCISec expert) …
- and transparently secure (though verifiable to math nerds)
As the late Billy Mays would say, But wait! There’s more! The aforementioned means also permits you to publish different-looking versions of the form:
- through authorized partner sites
- embedded in authorized PDF documents that get passed around
- integrated into authorized desktop applications
… and revoke them in real time. Knowing how hard you, Example.com, scrape for every nickle of revenue, is it worth spending a few of them on this?
If you said no, then I know that you have been drinking waaaay to much EV-SSL kool-aid.
How do I know that? Because you clearly haven’t tried explaining to Joe “Kool-Aid” Sixpack how the green bar works in the context of a form.
Take the garden variety sign-in page. In precisely which of the sixteen possible cases below (other than the first) should Joe be looking for the green bar in order to feel safe? Hell, YOU explain it to him.
Legend: Yes = Shows a green bar, No = Does not show a green bar
| Case | Page With Sign-In Link |
Sign-On Page | After Submit, Before Land |
After Landing |
|---|---|---|---|---|
| 1 | No | No | No | No |
| 2 | No | No | No | Yes |
| 3 | No | No | Yes | No |
| 4 | No | No | Yes | Yes |
| 5 | No | Yes | No | No |
| 6 | No | Yes | No | Yes |
| 7 | No | Yes | Yes | No |
| 8 | No | Yes | Yes | Yes |
| 9 | Yes | No | No | No |
| 10 | Yes | No | No | Yes |
| 11 | Yes | No | Yes | No |
| 12 | Yes | No | Yes | Yes |
| 13 | Yes | Yes | No | No |
| 14 | Yes | Yes | No | Yes |
| 15 | Yes | Yes | Yes | No |
| 16 | Yes | Yes | Yes | Yes |
There are plenty more reasons why I think you need a kool-aid intervention, but go lick this problem before I point them out.
Filed under: hypertext, security, security soapbox, ssl
