chrome/app/generated_resources.grd

Index: chrome/app/generated_resources.grd
diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd
index 2298421f82397a447e13adbd847e4f59c3682f46..1667a3968a898481ea49c04361a75de54a84743e 100644
--- a/chrome/app/generated_resources.grd
+++ b/chrome/app/generated_resources.grd
@@ -9700,7 +9700,7 @@ I don't think this site should be blocked!
       </message>
 
       <message name="IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_NO_CT" desc="The text of the identity section when the page is secure and no Certificate Transparency information is present.">
-        The identity of this website has been verified by <ph name="ISSUER">$1<ex>VeriSign</ex></ph> but does not have public audit records.
+        The identity of this website has been verified by <ph name="ISSUER">$1<ex>VeriSign</ex></ph>. It does not have public audit records.

[Ryan Sleevi, 2015/05/01 01:01:28]

I suspect if you really want to find alternative language, here's _an_
alternative, although I suspect CAs will dislike it even more, even if it too is
technically accurate.

NO_CT
"The identity of this website has been verified by blah. This cannot be
independently confirmed using Certificate Transparency."
likewise,
CT_VERIFIED
"The identity of this website has been verified by blah. This can be
independently confirmed using Certificate Transparency."
CT_UNVERIFIED
"The identity of this website has been verified by blah. This may not be able to
be independently confirmed using Certificate Transparency, as the proof is from
an unknown party." 
CT_INVALID
"The identity of this website has been verified by blah. This cannot be
independently confirmed using Certificate Transparency, as the proof is
corrupted."


All of those feel way long, but hey, it gives you something more explainable.

Alternatively, on the more technical side
NO_CT
"The identity of this website has been verified by blah. No signed certificate
timestamps were provided that could publicly confirm this."
CT_VERIFIED
"The identity of this website has been verified by blah. Signed certificate
timestamps were provided that publicly confirm this."
CT_UNVERIFIED
"The identity of this website has been verified by blah. Signed certificate
timestamps were provided to publicly confirm this, but by logs that are not
recognized or trusted."
CT_INVALID
"The identity of this website has been verified by blah. Signed certificate
timestamps were provided to publicly confirm this, but they were not valid."

If we bark up that bikeshed, it might help to talk to the CT team to figure out
the wording idioms to best use for consistent messaging (since that helps your
'search scoring').

I'm happy to leave those changes as minor though, but I didn't want you to feel
like your concerns were unaddressed or unappreciated.

       </message>
       <message name="IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_CT_VERIFIED" desc="The text of the identity section when the page is secure and a Signed Certificate Timestamp from a known Certificate Transparency log is present and valid.">
         The identity of this website has been verified by <ph name="ISSUER">$1<ex>VeriSign</ex></ph> and is publicly auditable.
@@ -9721,7 +9721,7 @@ I don't think this site should be blocked!
       </message>
 
       <message name="IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_EV_NO_CT" desc="The text of the identity section when the page is secured with an EV cert and no Certificate Transparency information is present.">
-        The identity of <ph name="ORGANIZATION">$1<ex>Google</ex></ph> at <ph name="LOCALITY">$2<ex>Mountain View, CA US</ex></ph> has been verified by <ph name="ISSUER">$3<ex>VeriSign</ex></ph> but does not have public audit records.
+        The identity of <ph name="ORGANIZATION">$1<ex>Google</ex></ph> at <ph name="LOCALITY">$2<ex>Mountain View, CA US</ex></ph> has been verified by <ph name="ISSUER">$3<ex>VeriSign</ex></ph>. It does not have public audit records.
       </message>
       <message name="IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_EV_CT_VERIFIED" desc="The text of the identity section when the page is secured with an EV cert and a Signed Certificate Timestamp from a known Certificate Transparency log is present and valid.">
         The identity of <ph name="ORGANIZATION">$1<ex>Google</ex></ph> at <ph name="LOCALITY">$2<ex>Mountain View, CA US</ex></ph> has been verified by <ph name="ISSUER">$3<ex>VeriSign</ex></ph> and is publicly auditable.
@@ -9751,19 +9751,19 @@ I don't think this site should be blocked!
       </message>
 
       <message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_CONNECTION_TEXT" desc="The text of the connection section when the connection is encrypted.">
-        Your connection to <ph name="DOMAIN">$1<ex>www.google.com</ex></ph> is encrypted with modern cryptography.
+        Your connection to <ph name="DOMAIN">$1<ex>www.google.com</ex></ph> is encrypted with a modern cipher suite.
       </message>
       <message name="IDS_PAGE_INFO_SECURITY_TAB_WEAK_ENCRYPTION_CONNECTION_TEXT" desc="The text of the connection section when the connection uses weak encryption.">
-        Your connection to <ph name="DOMAIN">$1<ex>www.google.com</ex></ph> is encrypted with obsolete cryptography.
+        Your connection to <ph name="DOMAIN">$1<ex>www.google.com</ex></ph> is encrypted with a weak cipher suite.
       </message>
       <message name="IDS_PAGE_INFO_SECURITY_TAB_NOT_ENCRYPTED_CONNECTION_TEXT" desc="The text of the connection section when the connection is not encrypted.">
         Your connection to <ph name="DOMAIN">$1<ex>www.google.com</ex></ph> is not encrypted.
       </message>
       <message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_WARNING" desc="Some extra text of the connection section when the connection is encrypted and the page contains insecure content which has been displayed (e.g. images, CSS).">
-        However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the look of the page.
+        Further, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the look of the page.
       </message>
       <message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_INSECURE_CONTENT_ERROR" desc="Some extra text of the connection section when the connection is encrypted and the page contains insecure content which has been run (e.g. script).">
-        However, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the behavior of the page.
+        Further, this page includes other resources which are not secure. These resources can be viewed by others while in transit, and can be modified by an attacker to change the behavior of the page.
       </message>
       <message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTED_SENTENCE_LINK" desc="Linking 2 sentences in 1 paragraph.">
         <ph name="SENTENCE1">$1<ex>Your connection is encrypted.</ex></ph> <ph name="SENTENCE2">$2<ex>However, this page includes resources from other pages whose identity cannot be verified.</ex></ph>
@@ -9772,7 +9772,7 @@ I don't think this site should be blocked!
         The connection uses <ph name="SSL_VERSION">$1<ex>TLS 1.0</ex></ph>.
       </message>
       <message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS" desc="This message gives details of the cryptographic primitives used to protect the HTTPS connection.">
-        The connection is encrypted using <ph name="CIPHER">$1<ex>AES_128</ex></ph>, with <ph name="MAC">$2<ex>SHA1</ex></ph> for message authentication and <ph name="KX">$3<ex>RSA</ex></ph> as the key exchange mechanism.
+        The connection is encrypted using <ph name="CIPHER">$1<ex>AES_128</ex></ph>, with <ph name="MAC">$2<ex>HMAC-SHA1</ex></ph> for message authentication and <ph name="KX">$3<ex>RSA</ex></ph> as the key exchange mechanism.
       </message>
       <message name="IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS_AEAD" desc="This message gives details of the cryptographic primitives used to protect the HTTPS connection. It should be translated in a similar manner as IDS_PAGE_INFO_SECURITY_TAB_ENCRYPTION_DETAILS">
         The connection is encrypted and authenticated using <ph name="CIPHER">$1<ex>AES_128_GCM</ex></ph> and uses <ph name="KX">$2<ex>RSA</ex></ph> as the key exchange mechanism.