Firefox 3+

From the version3 of Firefox, new color codes have appeared on the URL bar; including EV functions (green bar). Consult the codes.

Personal analysis

The new version of Firefox is not really suucessful regarding SSL matters, at least it dos not stand up to IE7.

• Even though the certificates are recognized by Firefox, all the URL bar is not green, just a tab next to the url bar is.
• FireFox does not display a yellow bar anymore indicating the SSL is active. There is no visual distinction between SSL secured websites and those which are not.
• Firefox put Domain-validated and organization validated certificates on the same level. Even worst, the propoerties of a page holding an organization validated certificate display "This web site does not supply identity information". 3-factor certificates are then depreciated even if they provide way better security than their domain-validated counterparts.
• FireFox 3 reject connexions to a website that does not pass successfully the SSL checking. In other words, a certificate that has not the entire certification chain will be rejected when IE7 reconstitute the missing par of the chain. As in IE7, an exception can be added but users are nontheless discouraged by the alerts.

Other points

• SSLv2 is deactivated on Firefox 3 by default.
• Some users encounter an error: ssl_error_rx_unexpected_change_cipher that did not exist with previous browsers. This bug is linked to OpenSSL 0.9.8g. See
  https://bugzilla.mozilla.org/show_bug.cgi?id=430703 and http://cvs.openssl.org/chngview?cn=17088
•  SSL errors in Firefox
• Explaination about SSL-induced errors
• CRL and OCSP management