Security/Features/Better Cert Error Pages

Please use "Edit with form" above to edit this page.

Status

Better Cert Error/Warning Pages
Stage	Draft
Status	`
Release target	`
Health	OK
Status note	`

Team

Product manager	Sid Stamm
Directly Responsible Individual	`
Lead engineer	`
Security lead	`
Privacy lead	`
Localization lead	`
Accessibility lead	`
QA lead	`
UX lead	`
Product marketing lead	`
Operations lead	`
Additional members	Camilo Viecco, David Keeler, Kathleen Wilson, April King

Open issues/risks

`

Stage 1: Definition

1. Feature overview

Our OCSP and cert validation warning/error pages are complicated and hard to understand. We should redesign and revamp them, but need some UX magic.

Bug #945961 - Behavior during an OCSP failure does not match the preference description to treat the cert as invalid - only way to over-ride an OCSP error is to unset the preference then browse to the page again, then reset the preference.

Should be able to view the cert chain for the Untrusted Connection error.

The error pages should have "Learn More" links to SUMO pages.

2. Users & use cases

`

3. Dependencies

`

4. Requirements

`

Non-goals

`

Stage 2: Design

5. Functional specification

`

6. User experience design

`

Stage 3: Planning

7. Implementation plan

`

8. Reviews

Security review

`

Privacy review

`

Localization review

`

Accessibility

`

Quality Assurance review

`

Operations review

`

Stage 4: Development

9. Implementation

`

Stage 5: Release

10. Landing criteria

`

Feature details

Priority	P3
Rank	999
Theme / Goal	Product Hardening
Roadmap	Security
Secondary roadmap	`
Feature list	`
Project	`
Engineering team	Security

Team status notes

	status	notes
Products	`	`
Engineering	`	`
Security	`	`
Privacy	`	`
Localization	`	`
Accessibility	`	`
Quality assurance	`	`
User experience	`	`
Product marketing	`	`
Operations	`	`