-#identity-popup-securityView.verifiedDomain,
-#identity-popup-security-content.verifiedDomain {
- background-image: url(chrome://browser/skin/controlcenter/conn-secure-dv.svg);
+#identity-popup[connection=chrome] #identity-popup-securityView,
+#identity-popup[connection=chrome] #identity-popup-security-content {
+ background-image: url(chrome://branding/content/icon48.png);
+}
+
+#identity-popup[connection^=secure] #identity-popup-securityView,
+#identity-popup[connection^=secure] #identity-popup-security-content {
+ background-image: url(chrome://browser/skin/controlcenter/conn-secure.svg);
+}
+
+/* Use [isbroken] to make sure we don't show a lock on an http page. See Bug 1192162. */
+#identity-popup[ciphers=weak] #identity-popup-securityView,
+#identity-popup[ciphers=weak] #identity-popup-security-content,
+#identity-popup[mixedcontent~=passive-loaded][isbroken] #identity-popup-securityView,
+#identity-popup[mixedcontent~=passive-loaded][isbroken] #identity-popup-security-content {
+ background-image: url(chrome://browser/skin/controlcenter/conn-degraded.svg);