Problem :
The URL bar in chrome and FireFox shrinks in size depending on how the security of the website is configured. This is bothersome from a UX standpoint because the URL bar’s starting position is always different.
Some websites have only a lock icon (e.g. gmail.com) and some websites have the entire name of the website taking up a lot of space (apple.com says “Apple Inc, US”)
I do appreciate the importance of showing users that a website is secure or signed but I would like this to not come at the cost of the URL bar’s positioning.
I’m also wondering what type of SSL technique causes the website to appear with just a lock versus the entire name of the company.
Solution :
A certificate with the name of the owner in green is an Extended Validation (sometimes Enhanced Validation) certificate; whereas a certificate with simply a lock icon is not Extended Validation.
Cheap certificates can be purchased (or even given away for free these days) using simply a process of proving that you own the domain. This is often done by placing a small file on a webserver that contains a phrase issued by the Certification Authority. Once the CA checks this, it knows you own the domain and can therefore issue you a certificate. These are called Domain Validation (DV) certificates.
Unfortunately, DV certificates can be misleading. If you see a website (https://appple.com) you may decide to buy the latest iPhone 17 (?) from it. But if you didn’t check the URL correctly, your hard earned money may well be in the hand of a scammer before you know it.
Extended Validation (EV) certs were brought in to alleviate this. To get hold of an EV certificates requires far more stringent checks than simply checking you own the domain. This includes proving that you are the organisation named in the certificate, that you own the domain name you’re requesting the certificate for, and that the person requesting is authorised to act on behalf of that organisation.
Apple can prove who they are to the CA and obtain an EV certificate, which gives you the safe green bar in your browser. The scammers who own the appple.com name can’t prove they’re Apple therefore can’t get the EV certificate.
EV certificates show the company name in green in the URL bar versus OV and DV certificates that show only a padlock. It is not an “SSL technique” just of choice by browsers to treat certificates differently based on some criteria (like Firefox is heavily against self signed certificates).
See the details in this other answer: https://security.stackexchange.com/a/135578/137710 and others the in same question