I feel like I'm missing something here, as both you and the article heavily imply that Chrome displayed EV certs prior to 52. In my experience, Chrome hasn't displayed EVs; here's an EV cert site for me under Chrome 51: https://i.imgur.com/azKdzPd.png — this is the same presentation it gives DV certificates.
I'd see a MitM in the cert chain if I manually inspect it, wouldn't I? (It'd be signed by the corporate MitM CA cert, right?)
Interesting that it shows up in your screenshot though; BoA on both Chrome 51 (on OS X) and Chrome 51 on Linux doesn't display the EV for BoA, or GitHub.
(I doubt the MitM one, since the Linux machine is my home one. The OS X one is my corp laptop, so corp MitM'ing is believable there.)
or is the screenshot incredibly outdated, since it says Chrome 8, and CT came later?
> I'd see a MitM in the cert chain if I manually inspect it, wouldn't I? (It'd be signed by the corporate MitM CA cert, right?)
Yep, it should show up in the cert chain.
> Interesting that it shows up in your screenshot though; BoA on both Chrome 51 (on OS X) and Chrome 51 on Linux doesn't display the EV for BoA, or GitHub.
I'd guess for some reason Chrome doesn't think it has received a qualified SCT for the certificate and is refusing EV treatment. Not sure which SCT delivery methods Chrome supports, and why they might be failing here.
> or is the screenshot incredibly outdated, since it says Chrome 8, and CT came later?
It's definitely old, but I don't believe it's related. FWIW I'm getting the EV UI on OS X with Chrome 54 when I visit https://www.bankofamerica.com/.
(The same site in Firefox: https://i.imgur.com/yrtypBZ.png )