The Wisdom of IE7 and Suspicious Web Sites
IE7 does a very good job of warning you in a more in-your-face way when something doesn't smell correct. Since IE7 is imminent (that means this month, folks) you need to be prepared as it will get delivered via a high priority automatic update and likely spread faster than IE6 did.
There's a good checklist at the IEBlog:
Download, install and test your products with IE7 RC 1 –This is the fastest and best way to test for compatibility issues.
Download the IE7 Readiness Toolkit - This toolkit pulls together a number of important resources to help you prepare for IE7.
Download and use the Application Compatibility Toolkit – Helps test browser-based applications to ensure they work with IE7.
Visit the Microsoft Internet Explorer Developer Center – You will find an array of important information for developers.
Use the Information Index for Internet Explorer7 – A table of contents linking you to documentation, blog posts, whitepapers and other information on IE7.
Read the IE Team Blog – Use the search feature on the right to find previous posts on almost any topic you can think of with regard to IE7.
These are good resources, but while there will likely be strange CSS and HTML bugs, they won't be as "in your face" as the SSL Certificate related errors that would really cramp your style.
Here's a few gotchas to watch for:
"There's something wrong with the certificate" - This means that the DNS name registered to the certificate is NOT the name in the Address Bar. In this example I visited a valid site using it's IP address rather than the DNS name. This is a common thing for folks to use in development when they access internal sites via IP. You can get around this by setting your HOSTS file to use the correct DNS entries while you're in development/staging.
Note that this warning isn't specifically the new IE7 Phishing Filter, but rather a much better calling out common problems with SSL certificates. Certificate revocations or problems confirming the legitimacy of a cert from it's issuing body will turn the address bar YELLOW.
If you insist and click on "Continue to this website (not recommended)", your address bar will turn RED and you'll get a big scary "Certificate Error" light up. If you click it, you'll see a dialog like this:
"Reported phishing website" - If you're an evil phisher, or you've visited an evil phisher's website, you'll see this even scarier dialog:
"Suspicious Website" - If the site is dodgey, but not confirmed evil, your address bar will turn YELLOW:
Be ready, make sure your certs are valid and you're addressing them correctly.