New SSL blocking screen

chrome/app/generated_resources.grd

Index: chrome/app/generated_resources.grd
diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd
index 88d0374f1b5218f6a2cf2a02d2307580b182c285..eaaa84e9f22fff23b5b2f90dd1b39f18262bd973 100644
--- a/chrome/app/generated_resources.grd
+++ b/chrome/app/generated_resources.grd
@@ -9138,29 +9138,74 @@ The following plug-in is unresponsive: <ph name="PLUGIN_NAME">$1
         Stop sharing
       </message>
 
-      <!-- SSL Blocking Page -->
-      <message name="IDS_SSL_BLOCKING_PAGE_TITLE" desc="The title of the SSL blocking page.">
+      <!-- SSL Road Block (Overridable) Page -->
+      <message name="IDS_SSL_OVERRIDABLE_PAGE_TITLE" desc="The title of the overridable SSL interstitial.">
         SSL Error
       </message>
-      <message name="IDS_SSL_BLOCKING_PAGE_PROCEED" desc="Proceed button text of the SSL blocking page.">
+      <message name="IDS_SSL_OVERRIDABLE_PAGE_PROCEED" desc="Proceed button text of the overridable SSL interstitial.">
         Proceed anyway
       </message>
-      <message name="IDS_SSL_BLOCKING_PAGE_EXIT" desc="'Back' button text of the SSL blocking page.">
+      <message name="IDS_SSL_OVERRIDABLE_PAGE_EXIT" desc="'Back' button text of the overridable SSL interstitial.">
         Back to safety
       </message>
-      <message name="IDS_SSL_BLOCKING_PAGE_SHOULD_NOT_PROCEED" desc="Message advising the user not to proceed past the SSL blocking page.">
+      <message name="IDS_SSL_OVERRIDABLE_PAGE_SHOULD_NOT_PROCEED" desc="Message advising the user not to proceed past the SSL interstitial.">
         You should not proceed, &lt;strong&gt;especially&lt;/strong&gt; if you have never seen this warning before for this site.
       </message>
 
-      <!-- SSL Error Page -->
-      <message name="IDS_SSL_ERROR_PAGE_TITLE" desc="The title of the SSL error page.">
-        Security Error
+      <!-- SSL Blocking (Non-Overridable) Page -->
+      <message name="IDS_SSL_BLOCKING_PAGE_TITLE" desc="The title of the non-overridable SSL error.">
+        SSL Error
       </message>
-      <message name="IDS_SSL_ERROR_PAGE_BACK" desc="Back button text of the SSL error page.">
-        Back
+      <message name="IDS_SSL_BLOCKING_PAGE_HEADLINE" desc="Headline of the non-overridable SSL error.">
+        Cannot connect to the real <ph name="SITE">$1<ex>google.com</ex></ph>
+      </message>
+      <message name="IDS_SSL_BLOCKING_PAGE_FIRST_PAR" desc="First paragraph of the non-overridable SSL error.">
+        Something is currently interfering with your secure connection to <ph name="SITE">$1<ex>google.com</ex></ph>.
+      </message>
+      <message name="IDS_SSL_BLOCKING_PAGE_SECOND_PAR" desc="Second paragraph of the non-overridable SSL error.">
+        <ph name="BEGIN_BOLD">&lt;strong&gt;</ph>Try to reload this page in a few minutes or after switching to a new network.<ph name="END_BOLD">&lt;/strong&gt;</ph> If you have recently connected to a new Wi-Fi network, finish logging in before reloading.
+      </message>
+      <message name="IDS_SSL_BLOCKING_PAGE_THIRD_PAR" desc="Third paragraph of the non-overridable SSL error.">
+        If you were to visit <ph name="SITE">$1<ex>google.com</ex></ph> right now, you might share private information with an attacker.
+        To protect your privacy, Chrome will not load the page until it can establish a secure connection to the real <ph name="SITE">$1<ex>google.com</ex></ph>.

[palmer, 2013/09/06 17:01:33]

Nit: Sadly, the style in this file is to have one hugely long line per
paragraph. I'm not sure if you should adhere to it, but other reviewers might
ask you to.

[felt, 2013/09/06 17:37:47]

Alas, done.

+      </message>
+      <message name="IDS_SSL_BLOCKING_PAGE_MORE_TITLE" desc="Headline for the explanation shown if the user clicks the More button.">
+        What does this mean?
+      </message>
+      <message name="IDS_SSL_BLOCKING_PAGE_MORE_FIRST_PAR" desc="Body text for the explanation shown if user clicks on the More button.">
+        <ph name="SITE">$1<ex>google.com</ex></ph> normally uses encryption (SSL) to protect your information.
+        When Chrome tried to connect to <ph name="SITE">$1<ex>google.com</ex></ph> this time, <ph name="SITE">$1<ex>google.com</ex></ph> returned unusual and incorrect credentials.
+        Either an attacker is trying to pretend to be <ph name="SITE">$1<ex>google.com</ex></ph>, or a Wi-Fi login screen has interrupted the connection.
+        Your information is still secure because Chrome stopped the connection before any data was exchanged.
+      </message>
+      <message name="IDS_SSL_BLOCKING_PAGE_MORE_SECOND_PAR" desc="Body text for the explanation shown if user clicks on the More button.">
+        Network errors and attacks are usually temporary, so this page will probably work later.
+        You can also try switching to another network.
+      </message>
+      <message name="IDS_SSL_BLOCKING_PAGE_TECH_TITLE" desc="Headline for the technical details shown if the user clicks the More button.">
+        Technical details
+      </message>
+      <message name="IDS_SSL_BLOCKING_PAGE_HSTS" desc="Description of an HSTS failure.">
+        <ph name="SITE">$1<ex>google.com</ex></ph> has asked Chrome to block any certificates with errors,
+        but the certificate that Chrome received during this connection attempt has an error.
+      </message>
+      <message name="IDS_SSL_BLOCKING_PAGE_REVOKED" desc="Description of a certificate revocation failure.">
+        The certificate that Chrome received during this connection attempt has been revoked.
+      </message>
+      <message name="IDS_SSL_BLOCKING_PAGE_FORMATTED" desc="Description of an invalid certificate error.">
+        The certificate that Chrome received during this connection attempt is not formatted correctly, so Chrome cannot use it to protect your information.
+      </message>
+      <message name="IDS_SSL_BLOCKING_PAGE_ERROR" desc="Technical detail of the error.">
+        Error type: <ph name="ERROR_TYPE">$1<ex>HSTS Failure</ex></ph>
+      </message>
+      <message name="IDS_SSL_BLOCKING_PAGE_SUBJECT" desc="Technical detail of the error.">
+        Subject: <ph name="SUBJECT">$1<ex>a248.e.akamai.net</ex></ph>
+      </message>
+      <message name="IDS_SSL_BLOCKING_PAGE_ISSUER" desc="Technical detail of the error.">
+        Issuer: <ph name="ISSUER">$1<ex>GTE CyberTrust Global Root</ex></ph>
       </message>
-      <message name="IDS_SSL_ERROR_PAGE_CANNOT_PROCEED" desc="Message advising the user that they cannot proceed past the SSL error page.">
-        You cannot proceed because the website operator has requested heightened security for this domain.
+      <message name="IDS_SSL_BLOCKING_PAGE_FINGERPRINT" desc="Technical detail of the error.">
+        Fingerprint: <ph name="FINGERPRINT">$1<ex>9FEE18CC4302340DDE234345345345</ex></ph>

[palmer, 2013/09/06 17:01:33]

This is going to be the hash of the SPKI in the certificate? So that people can
report it to us in case of MITM or the like? If so, I might change the label to
"Public key fingerprint" or "Key fingerprint" or something.

[felt, 2013/09/09 14:34:12]

Updated this.

       </message>
 
       <!-- Misc strings for SSL UI -->