Based on feedback from usability studies and CardSpace users we made a number of changes to CardSpace in the .NET Framework 3.5 release. Some of these changes were designed to make CardSpace easier to use.  The first of these changes we'll describe are to the page shown the first time you visit a site. This page provides you with information about that site to help inform your choice to either "Yes, choose a card to send" or "No, return to the site".

We've changed the Site Information Page to make it cleaner and to bring forward the most pertinent details to the user. We’ve also added several visual cues to alert the user to the level of security a particular site has.

The Site Information Page falls into 3 modes:

·         Extended Validation (EV) SSL Certificate Mode

·         Regular SSL Certificate Mode

·         No Certificate Mode

 

Extended Validation SSL Certificate Mode:

.NET Framework 3.0 Windows CardSpace Site Information Page (OLD):
.NET Framework 3.0- CardSpace - Site Information Page - Extended Validation 

.NET Framework 3.5 Windows CardSpace Site Information Page (NEW):
.NET Framework 3.5 - CardSpace - Site Information Page - Extended Validation

Green Background Color

Following the green address bar that web browsers have implemented for EV certificates, it helps create a consistent experience by following the same coloring scheme to display recipient information in.

Lock Symbol

We added the common lock symbol used to signify SSL protection.

 

Regular SSL Certificate Mode:

.NET Framework 3.0 Windows CardSpace Site Information Page (OLD):
.NET Framework 3.0 - CardSpace - Site Information Page - SSL

.NET Framework 3.5 Windows CardSpace Site Information Page (NEW):
.NET Framework 3.5 - CardSpace - Site Information Page - SSL

Major Internet Business Warning

We have received a lot of feedback pertaining to the warning we show at the top of the page for sites that are protected by an SSL certificate but not an EV certificate, specifically that the wording was too strong. So we’ve downgraded the warning to a notice, while still trying to be true to the intent of the notice, to let the user know that the site could take advantage of stronger forms of verification. We removed the lines which state Organization/Location not verified and just don’t display that information to the user.

Lock Symbol

We added the common lock symbol used to signify SSL protection.

 

No Certificate Mode:

Since we didn’t support non-SSL sites in .NET Framework 3.0, there isn’t an old screenshot we can use to compare and contrast.

.NET Framework 3.5 Windows CardSpace Site Information Page (NEW):
.NET Framework 3.5 - CardSpace - Site Information Page - No SSL

No Protection/Encryption Warning

We wanted this page to really pop out to warn the user that there is no protection with this particular recipient and any data you send to this recipient will not be encrypted and will be sent in the clear.

 

//Toland Hon