Closing the webbrowser-app task, it’s already doing the right thing wrt
certificates (minus differentiating EV certificates, which is bug
#1402725).
** Changed in: webbrowser-app (Ubuntu)
Status: Confirmed => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to webbrowser-app in Ubuntu.
https://bugs.launchpad.net/bugs/1489643
Title:
[pay UI] Paypal login cannot be assured to be from paypal
Status in Canonical System Image:
Confirmed
Status in pay-ui:
Triaged
Status in Ubuntu UX:
Triaged
Status in webbrowser-app package in Ubuntu:
Invalid
Bug description:
When paying for an app with Paypal, the Paypal login screen is
presented in an Ubuntu wrapper. There is no indication on this page
that I'm actually looking at paypal.com rather than being phished or
that some bad DNS has pointed me to a wrong site. The padlock in the
top corner doesn't indicate anything I'm inclined to believe -- is it
showing that the connection is https? Has it verified that I'm really
talking to Paypal? How can I know that? This is encouraging people to
type their Paypal password into phishing sites. The previous step in
the purchase process, where I'm choosing which payment system to use,
also displays a padlock, and that hasn't connected to any payment site
at all.
To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-devices-system-image/+bug/1489643/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
