{"id":13292,"date":"2021-12-09T20:13:19","date_gmt":"2021-12-10T01:13:19","guid":{"rendered":"https:\/\/carleton.ca\/scs\/?page_id=13292"},"modified":"2026-06-02T14:59:23","modified_gmt":"2026-06-02T18:59:23","slug":"tr-09-02-browser-interfaces-and-ev-ssl-certificates-confusion-inconsistencies-and-hci-challenges","status":"publish","type":"page","link":"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2009\/tr-09-02-browser-interfaces-and-ev-ssl-certificates-confusion-inconsistencies-and-hci-challenges\/","title":{"rendered":"TR-09-02: Browser Interfaces and EV-SSL Certificates: Confusion, Inconsistencies and HCI Challenges"},"content":{"rendered":"\n<section class=\"w-screen px-6 cu-section cu-section--white ml-offset-center md:px-8 lg:px-14\">\n    <div class=\"space-y-6 cu-max-w-child-5xl  md:space-y-10 cu-prose-first-last\">\n\n            <div class=\"cu-textmedia flex flex-col lg:flex-row mx-auto gap-6 md:gap-10 my-6 md:my-12 first:mt-0 max-w-5xl\">\n        <div class=\"justify-start cu-textmedia-content cu-prose-first-last\" style=\"flex: 0 0 100%;\">\n            <header class=\"font-light prose-xl cu-pageheader md:prose-2xl cu-component-updated cu-prose-first-last\">\n                                    <h1 class=\"cu-prose-first-last font-semibold !mt-2 mb-4 md:mb-6 relative after:absolute after:h-px after:bottom-0 after:bg-cu-red after:left-px text-3xl md:text-4xl lg:text-5xl lg:leading-[3.5rem] pb-5 after:w-10 text-cu-black-700 not-prose\">\n                        TR-09-02: Browser Interfaces and EV-SSL Certificates: Confusion, Inconsistencies and HCI Challenges\n                    <\/h1>\n                \n                                \n                            <\/header>\n\n                    <\/div>\n\n            <\/div>\n\n    <\/div>\n<\/section>\n\n<p>Carleton University<br>\n<a href=\"https:\/\/carleton.ca\/scs\/research\/scs-technical-reports\/technical-reports-2009\/\">Technical Report<\/a> TR-09-02<br>\nJanuary 15, 2009<\/p>\n\n\n\n<h2 id=\"browser-interfaces-and-ev-ssl-certificates-confusion-inconsistencies-and-hci-challenges\" class=\"wp-block-heading\">Browser Interfaces and EV-SSL Certificates: Confusion, Inconsistencies and HCI Challenges<\/h2>\n\n\n\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<div class=\"tr_t3\">\n<p class=\"tr_t3\">J. Sobey, P.C. van Oorschot, A. S. Patrick<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div>\n<h3>Abstract<\/h3>\n<p>The introduction of Extended Validation (EV) SSL certificates has caused web browser manufacturers to take a new look at how they design their interfaces for conveying certificate information. In turn, we take a thorough look at the choices they have made. Our observation is that the changes being made significantly increase the confusion surrounding SSL certificates rather than increasing trust. We perform a systematic walkthrough involving dialogues and interfaces related to site identity, certificates, and SSL encryption; raise questions concerning the inconsistencies in their implementations; and highlight the confusion between identity and confidentiality. Prior to carrying out a full user study, we aim to define the problem clearly and to explore some possible alternatives. We suggest some improvements in terms of both mental models and interface design and emphasize the importance of consistency across browsers for appropriate user interaction with these certificate interfaces.<\/p>\n<p><a href=\"https:\/\/carleton.ca\/scs\/wp-content\/uploads\/sites\/260\/TR-09-02.pdf\">TR-09-02.pdf<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Carleton University Technical Report TR-09-02 January 15, 2009 Browser Interfaces and EV-SSL Certificates: Confusion, Inconsistencies and HCI Challenges J. Sobey, P.C. van Oorschot, A. S. Patrick Abstract The introduction of Extended Validation (EV) SSL certificates has caused web browser manufacturers to take a new look at how they design their interfaces for conveying certificate information. [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"parent":12434,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"_cu_dining_location_slug":"","footnotes":"","_links_to":"","_links_to_target":""},"cu_page_type":[],"class_list":["post-13292","page","type-page","status-publish","hentry"],"acf":{"cu_post_thumbnail":false},"_links":{"self":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/13292","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/comments?post=13292"}],"version-history":[{"count":1,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/13292\/revisions"}],"predecessor-version":[{"id":13293,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/13292\/revisions\/13293"}],"up":[{"embeddable":true,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/pages\/12434"}],"wp:attachment":[{"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/media?parent=13292"}],"wp:term":[{"taxonomy":"cu_page_type","embeddable":true,"href":"https:\/\/carleton.ca\/scs\/wp-json\/wp\/v2\/cu_page_type?post=13292"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}