This year is seeing many new developments in the use of SSL. Most significantly, Microsoft’s launch of Extended Validation (EV) certificates in Internet Explorer at the start of the year is the first major change in the way SSL is presented to the user. Instead of the padlock icon to show a secure site, EV certificated sites are shown by a green background in the URL box in Internet Explorer in Vista (a feature also available to XP users if they update and configure their browser appropriately); this is intended to provide banks and retailers with a clearer way of showing users that they are on the genuine website.
Adoption of EV certificates has been slow, however: there were around 700 EV certificates in public use last month, passing 0.1% of the survey for the first time. There are many possible causes for this slow adoption, not least the lack of a final standard for EV certificates (well-publicised difficulties surrounding how to allow unincorporated traders to obtain EV certificates being one unresolved issue). Companies are probably waiting for others to go first, since the early adopters are sure to find many users confused by the new interface — it will be some time before the green status bar is as well-known by users as the existing padlock symbol. This is further complicated by speculation that the Mozilla project (makers of Firefox) may not to use green status bar, instead choosing a different presentation.