Today I want to tell you about both our established plan to highlight secure sites in IE7 but also to tell you about some early thinking in the industry about creating stronger standards for identity on the internet.

IE7 will join other browsers like Firefox, Opera and Konqueror in making the experience for secure (HTTPS) sites more visible by moving the lock icon into the address bar. We think the address bar is also important for users to see in pop-up windows. A missing address bar creates a chance for a fraudster to forge an address of their own. To help thwart that, IE7 will show the address bar on all internet windows to help users see where they are. IE7 will also help users avoid fraudulent sites if users choose to use the Phishing Filter to check a site for known phishing activity.

Today the lock icon in your browser window fundamentally means that your traffic with the website is encrypted, and that a trusted third party, known as a Certification Authority, has identified the website. Certification Authorities offer certificates with broadly different levels of background checking for the website. Unfortunately, there is no industry standard method for anyone to tell what level of background checking was performed for a given site.

On Wednesday, we met with folks from other browser vendors including Mozilla (which is the basis of Firefox), Opera and Konqueror to discuss this situation (other browser vendors were invited but weren�ft able to attend). George Staikos from Konqueror was good enough to host all of us in Toronto. Along with picking up the tab for lunch, George brewed coffee strong enough to bring weary travelers from Oslo and Redmond into the same time zone. Microsoft and others in the group think our users should have a better experience when they visit a website that passed a more rigorous identification process.