DuzDiBauseIX

Informazioni utente

Informazioni sullo sviluppatore
Nome DuzDiBauseIX
Utente da Gen. 28, 2015
Numero di componenti aggiuntivi sviluppati 0 componenti aggiuntivi
Media delle valutazioni sui componenti aggiuntivi di questo sviluppatore. Nessun voto

Le mie recensioni

Perspectives

Assegnate 4 su 5 stelle

I really like the idea of this project;
- trust based on majority votes
instead of "..well, the CA's are not compromised *THAT* often, so.. ..I just cross my fingers"

Also, the low need for CPU power (just some MD5, or later, SHA1 fingerprint calculations once in a while),
means that "everyone and their grandma" may set up and run their own notary server..!

I have currently just one issue;
- the "default notary server" list..

It consists of 9 notary servers..

heimdal.herokuapp.com:80
nine-eyes.herokuapp.com:80
perspectives2.networknotary.org:8080
perspectives3.networknotary.org:8080
perspectives4.networknotary.org:8080
perspectives5.networknotary.org:8080
perspectives6.networknotary.org:8080
perspectives7.networknotary.org:8080
perspectives8.networknotary.org:8080

..and only the top 2, heimdal and nine-eyes, are online.
The 7 perspectives*.networknotary.org servers are offline,
and they have been offline now for several months.
(except for #8, which is online maybe 5% - 10% of the time.)

I know (at least, I believe I know!) that the reason is the upgrade from MD5 fingerprints to SHA1 fingerprints.

But still, for a new user, who do not know so much about certificates and stuff..
..he/she may not even know *why* Perspectives is a good add-on, having no clue how it works,
he/she just read someplace that "..and, to be *extra* secure, you should really install the Perspectives add-on!"

Then he/she install it, and is *constantly* getting false positives..
- since, even at the lowest security setting, called "High Availability",
more than 50% of the notary servers need to say "this fingerprint matches the one we have stored for this site"
for the red warning cross to change into the green confirmation check-mark.

So, for us to actually use this very nice add-on these days, we have to...

1) Click the Perspectives red warning cross icon, and choose "Preferences"

2) In the Perspective Preferences window, choose the "Notary Servers" tab

3) Uncheck the "Use default notary servers list" checkbox

4) In the "Additional Notary Servers" form field, paste in this list:

de.yano.nu:8080
-----BEGIN PUBLIC KEY-----
MIHKMA0GCSqGSIb3DQEBAQUAA4G4ADCBtAKBrAHH17C/zqdzBW3y8Rov0UVFkme6
Idfd1O7wXckTdbd+bu7rClAFMbGijMlxYmNeavhJfyYmYct89dNlIyrnK9fa5PeL
q1g3zj5XybWi+UYrnwjcsKzCsZrWmqjx4ewICzCRypqj76k73eWwTxJ0F3ZWm/Va
VVe6slBxa/Vz6G/A5lgUUWYnktG9BnwnU1CCbQVE9vKnI/Kfv/mfBXbhkc0knRbR
JpMo07AyY2ECAwEAAQ==
-----END PUBLIC KEY-----

perspectives1.schulte.org:8080
-----BEGIN PUBLIC KEY-----
MIHKMA0GCSqGSIb3DQEBAQUAA4G4ADCBtAKBrAF9YhEaUx+MR/9dw/ceF5+DAmTm
KRylGYKz+rfLSKMS1PMfkGiXVB12qkGOj321PrphLs2s9KWLcxHnCwJdQWcg2xIA
VQbZ2I5me2PEJNC+1Y9nqPR6AeKEljDPK/A1KiTjwDGjpvru8Djp25q++VJjhUZG
y0Wq845LMMUbQGefh05IL4Y9vuMWRUjs0C6enkI5CnCcMIFD1uY5+rsqknw1Nthn
2ZhTVfcjxTsCAwEAAQ==
-----END PUBLIC KEY-----

notary1.constructibleuniverse.net:8080
-----BEGIN PUBLIC KEY-----
MIHKMA0GCSqGSIb3DQEBAQUAA4G4ADCBtAKBrAFzVqLz5qmyMwd4XuXGPtyDu0VO
hvfpt3fUJz/2bGWRDcWPIZw/1Gzj2VQjDSRXuAnjsnJY46s3P50HDYZ764AYvggd
vD8KjjNv5R5r6jW83bqJJPI2mRJR/Gu0iKZn7H7X8tKuL0qH5ukRAsonYj59qk2N
THZkBtiReqYoMv3+FzxJAbXM3rEp0+x2NzM9MeEA8JwYmCBqXZucDeL8N/WSvqOK
alVDUr82uj8CAwEAAQ==
-----END PUBLIC KEY-----

notary2.qabs.cz:8080
-----BEGIN PUBLIC KEY-----
MIHKMA0GCSqGSIb3DQEBAQUAA4G4ADCBtAKBrAGYNrXeOuExUPjrwisreOZ67ZTT
xaPVLncYrVrvE2Q3KzAqVvGlhyxZMnSLlHlHD5BJsA3bM/15ForpH/dJL+GnONZY
sQdgVdDXH30231bImuOzqBNCqMsTB4hxg9U6a1J4h7sa1eOn5Zz1EbDGuW2+jEcE
0MjqpaYEEW7FZiZOIJQRz4jX26zfGGhtd7txfkZQ26lhiibo9auCxp1tnVJmBX2S
VisNlAuuLM8CAwEAAQ==
-----END PUBLIC KEY-----

heimdal.herokuapp.com:80
-----BEGIN PUBLIC KEY-----
MIHKMA0GCSqGSIb3DQEBAQUAA4G4ADCBtAKBrAGhzbwVcnEaT2Hb9WD9Wvh9CVYu
86w+8ZMdO4KG506K77IsERfIuh84YkE4qoDnjfR7TCQBvreVl81lIh5UE0kzO84X
673risoBebbGCNjXQNu5mWkq2Qp7SuuemeXaYFmkpc06t2n6NvNcS9JVm8KJRqBK
qlwqlFgDuDZPUcYmWoIL4sF9w/3ep9nPSIJYburTdpCaeXPGhMiMzh4E2GnJc3Y2
beezGWtciXUCAwEAAQ==
-----END PUBLIC KEY-----

nine-eyes.herokuapp.com:80
-----BEGIN PUBLIC KEY-----
MIHKMA0GCSqGSIb3DQEBAQUAA4G4ADCBtAKBrAEw+W1dv0a00gzVqvHa8SafHhpY
ESsCIB8kj4bb1ccXr7u6vaiBN83ssaPi1N/ZNDlyOnqZwopoZGkgzUxMUNzg9P6V
ph9l7ldMu8XGuwmFoHBgEys633EPcrJcs46lfvNz5JRrYnjh0WMkj0VXvVlYla2g
6aAA80+C7u56D2FodNxWscPNpQWUAHDJOnAWr1CI9CNU/rbl5c85KJ7cW6u+LFBm
pXk2xzJ2tq8CAwEAAQ==
-----END PUBLIC KEY-----

5) Click the "OK" button

Now, we can start using the Perspectives Add-on.
Keep in mind, the old notary results based on the default server list, will still be used by Perspectives,
so to get the green confirmation check-mark,
we have to click the red warning cross icon, and choose "Force Notary Check".
Or, we could also just restart Firefox.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Specifically to perspectives-cmu and dschaefer, the developers of Perspectives..:

I know (again, I *believe* that I know!..) that the MD5 -> SHA1 upgrade will take time.
But in the meantime, while waiting for this..
- maybe you would update Perspectives from 4.5.2 to 4.5.3,
and in that update, you would..

..*temporarily change the default notary list*,
removing the perspectives*.networknotary.org:8080 servers
and instead add some that are currently online..?

Questa recensione riguarda una versione precedente (4.5.2.1-signed) del componente aggiuntivo.