Should We Keep Calling the EV-SSL-Enabled Interface a “Green Address Bar?”
When Extended Validation (EV) SSL first launched in 2007 people began to refer to the "green address bar." Browser interfaces have evolved since then. Perhaps the way we refer to how these TLS / SSL certificates display should evolve as well.
Back in 2007 the industry announced Extended Validation (EV) SSL. The first browser to present EV certificates with a difference in the interface was Internet Explorer, which displayed the address bar with a green background and included the authenticated company brand name to the right of the URL.
Subsequently we saw support in Firefox, Chrome, Safari, Opera, and others. While these browsers didn’t choose to make the entire address bar green, they did prominently feature the green color by presenting the authenticated company name (and perhaps some other info) in green up next to the URL.
It may not be surprising, therefore, that the industry started to refer to the EV interface convention as the “green address bar.” We needed a word to discuss how EV certificates display differently, and since each browser controlled its own interface choices, this term was descriptive of all of them.
But even then, in a way this phrase missed the point. The important thing about Extended Validation SSL is that the identity of the certificate owner is reliably authenticated using the best practices available. That authenticated company name is what really matters. The green color is just a way to call attention to that name (and even then, only for users who are not red-green color blind).
In fact, not all browsers are even using the color green any more. In 2018 Chrome removed the green color from the displayed company name.
So I have to wonder if it’s time for all of us to update our nomenclature to more accurately reflect the benefit of Extended Validation. In our writing at Sectigo we have tried to address both points, sometimes referring to it as the “company-branded address bar” and sometimes as the “green address bar.” This latter reference is in acknowledgement that the commonly used phrase has communicative value simply because it’s the phrase many people will expect to see.
I expect we will continue with that strategy for a while. We may adjust based on what we hear back from the market and our industry peers, and ultimately we’ll be seeking to speak to the community of TLS / SSL certificate users in the clearest and most communicative way we can find.