| Index: chrome/app/generated_resources.grd
|
| ===================================================================
|
| --- chrome/app/generated_resources.grd (revision 114571)
|
| +++ chrome/app/generated_resources.grd (working copy)
|
| @@ -2730,7 +2730,7 @@
|
| This is probably not the site you are looking for!
|
| </message>
|
| <message name="IDS_CERT_ERROR_COMMON_NAME_INVALID_DETAILS" desc="Details for an unsafe common name in an X509 certificate">
|
| - You attempted to reach <ph name="DOMAIN"><strong>$1<ex>paypal.com</ex></strong></ph>, but instead you actually reached a server identifying itself as <ph name="DOMAIN2"><strong>$2<ex>fakepaypal.com</ex></strong></ph>. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of <ph name="DOMAIN3"><strong>$3<ex>paypal.com</ex></strong></ph>. You should not proceed.
|
| + You attempted to reach <ph name="DOMAIN"><strong>$1<ex>paypal.com</ex></strong></ph>, but instead you actually reached a server identifying itself as <ph name="DOMAIN2"><strong>$2<ex>fakepaypal.com</ex></strong></ph>. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of <ph name="DOMAIN3"><strong>$3<ex>paypal.com</ex></strong></ph>.
|
| </message>
|
| <message name="IDS_CERT_ERROR_COMMON_NAME_INVALID_DESCRIPTION" desc="Description for an unsafe common name in an X509 certificate">
|
| Server's certificate does not match the URL.
|
| @@ -2740,7 +2740,7 @@
|
| The site's security certificate has expired!
|
| </message>
|
| <message name="IDS_CERT_ERROR_EXPIRED_DETAILS_EXTRA_INFO_2" desc="2nd paragraph of extra information for an expired X509 certificate">
|
| - For a certificate which has not expired, the issuer of that certificate is responsible for maintaining something called a "revocation list". If a certificate is ever compromised, the issuer can revoke it by adding it to the revocation list, and then this certificate will no longer be trusted by your browser. Revocation status is not required to be maintained for expired certificates, so while this certificate used to be valid for the website you're visiting, at this point it is not possible to determine whether the certificate was compromised and subsequently revoked, or whether it remains secure. As such it is impossible to tell whether you're communicating with the legitimate website, or whether the certificate was compromised and is now in the possession of an attacker with whom you are communicating. You should not proceed past this point.
|
| + For a certificate which has not expired, the issuer of that certificate is responsible for maintaining something called a "revocation list". If a certificate is ever compromised, the issuer can revoke it by adding it to the revocation list, and then this certificate will no longer be trusted by your browser. Revocation status is not required to be maintained for expired certificates, so while this certificate used to be valid for the website you're visiting, at this point it is not possible to determine whether the certificate was compromised and subsequently revoked, or whether it remains secure. As such it is impossible to tell whether you're communicating with the legitimate website, or whether the certificate was compromised and is now in the possession of an attacker with whom you are communicating.
|
| </message>
|
| <message name="IDS_CERT_ERROR_EXPIRED_DESCRIPTION" desc="Description for an expired X509 certificate">
|
| Server's certificate has expired.
|
| @@ -2803,10 +2803,10 @@
|
| The server's security certificate is revoked!
|
| </message>
|
| <message name="IDS_CERT_ERROR_REVOKED_CERT_DETAILS" desc="Details of the error page for a revoked certificate">
|
| - You attempted to reach <ph name="DOMAIN"><strong>$1<ex>paypal.com</ex></strong></ph>, but the certificate that the server presented has been revoked by its issuer. This means that the security credentials the server presented absolutely should not be trusted. You may be communicating with an attacker. You should not proceed.
|
| + You attempted to reach <ph name="DOMAIN"><strong>$1<ex>paypal.com</ex></strong></ph>, but the certificate that the server presented has been revoked by its issuer. This means that the security credentials the server presented absolutely should not be trusted. You may be communicating with an attacker.
|
| </message>
|
| <message name="IDS_CERT_ERROR_REVOKED_CERT_EXTRA_INFO_2" desc="2nd paragraph of extra information for a revoked X509 certificate">
|
| - In this case, the certificate presented to your browser has been revoked by its issuer. This usually means that the integrity of this certificate has been compromised, and that the certificate should not be trusted. You absolutely should not proceed past this point.
|
| + In this case, the certificate presented to your browser has been revoked by its issuer. This usually means that the integrity of this certificate has been compromised, and that the certificate should not be trusted.
|
| </message>
|
| <message name="IDS_CERT_ERROR_REVOKED_CERT_DESCRIPTION" desc="Description of the error page for a revoked certificate">
|
| Server's certificate has been revoked.
|
| @@ -2829,10 +2829,10 @@
|
| The site's security certificate is signed using a weak signature algorithm!
|
| </message>
|
| <message name="IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DETAILS" desc="Details of the error page for a certificate signed using a weak signature algorithm">
|
| - You attempted to reach <ph name="DOMAIN"><strong>$1<ex>paypal.com</ex></strong></ph>, but the server presented a certificate signed using a weak signature algorithm. This means that the security credentials the server presented could have been forged, and the server may not be the server you expected (you may be communicating with an attacker). You should not proceed.
|
| + You attempted to reach <ph name="DOMAIN"><strong>$1<ex>paypal.com</ex></strong></ph>, but the server presented a certificate signed using a weak signature algorithm. This means that the security credentials the server presented could have been forged, and the server may not be the server you expected (you may be communicating with an attacker).
|
| </message>
|
| <message name="IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_EXTRA_INFO_2" desc="2nd paragraph of extra information for a X509 certificate signed using a weak signature algorithm">
|
| - In this case, the server certificate or an intermediate CA certificate presented to your browser is signed using a weak signature algorithm such as RSA-MD2. Recent research by computer scientists showed the signature algorithm is weaker than previously believed, and the signature algorithm is rarely used by trustworthy websites today. This certificate could have been forged. You should not proceed past this point.
|
| + In this case, the server certificate or an intermediate CA certificate presented to your browser is signed using a weak signature algorithm such as RSA-MD2. Recent research by computer scientists showed the signature algorithm is weaker than previously believed, and the signature algorithm is rarely used by trustworthy websites today. This certificate could have been forged.
|
| </message>
|
| <message name="IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DESCRIPTION" desc="Description of the error page for a certificate signed using a weak signature algorithm">
|
| Server's certificate is signed using a weak signature algorithm.
|
| @@ -7659,6 +7659,9 @@
|
| <message name="IDS_SSL_BLOCKING_PAGE_EXIT" desc="'Back' button text of the SSL blocking page.">
|
| Back to safety
|
| </message>
|
| + <message name="IDS_SSL_BLOCKING_PAGE_SHOULD_NOT_PROCEED" desc="Message advising the user not to proceed past the SSL blocking page.">
|
| + You should not proceed, <strong>especially</strong> if you have never seen this warning before for this site.
|
| + </message>
|
|
|
| <!-- SSL Error Page -->
|
| <message name="IDS_SSL_ERROR_PAGE_TITLE" desc="The title of the SSL error page.">
|
|
|
Chromium Code Reviews
Issue 8856010:
Remove the wording that suggests it is possible to proceed after fatal SSL error. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/