Mozilla, along with other browser makers, has been tightening up the rules around HTTPS connections in its Firefox browser by deprecating certain features for HTTP communication and by encouraging web developers to use HTTPS in a stricter fashion. The latest announcement is mainly user-focused by making it more clear just how much security different HTTPS modes provide.
Up until now, Firefox has been showing a grey lock icon for sites that use Domain Validated (DV) certificates, and a green lock for those that use Extended Validation (EV) certificates. Mozilla realized that many users might not understand the difference and may think the DV sites aren't as secure. That's why Firefox will now show sites that use DV certificates with a green lock as well.
Mixed Active Content
Mozilla has been showing a grey and white shield alongside the lock icon for sites with Mixed Active Content. These are HTTPS sites that also use content served over HTTP that can interact with the rest of the HTTPS website. This leaves the site vulnerable to malicious attacks.
Mozilla will replace the grey and white shield with a green lock icon and a small grey warning sign to signify that the site isn't as secure as it should be. However, those who visit such sites shouldn't worry too much as Firefox automatically blocks the Mixed Active Content by default. This could cause some problems with some sites and users could deactivate this protection, but Mozilla found only a small number of users ever do that.
Mixed Passive Content
Another category of mixed content is called Mixed Passive Content, which mainly refers to embedded images or video being served over HTTP within an HTTPS website. This type of content isn't blocked by default in Firefox.
This was previously reflected in the browser as a grey warning sign. The icon has been updated to a grey lock icon with a vibrant yellow warning sign to show that the site isn't secure. This sign is also shown when the cryptography used by websites has been deprecated by the browser.
Mozilla announced that it made similar changes for its mobile Firefox browser as well.
Lucian Armasu is a Contributing Writer for Tom's Hardware. You can follow him at @lucian_armasu.