Rated 5 out of 5 stars

This is an awesome extension, just what I was looking for. It would be nice if you could add an option to disable the warnings for new certs and only warn on changed certs, even if the preference didn't have a GUI. The new cert dialog pops up so much I dug into CertPatrol.js and commented out the openDialog for outnew... but I'll need to repeat for each update until you add it as a feature.

Update 2011-01-20: Thanks! The new version is great, except I am constantly getting false positives for Google Docs. Unfortunately, this is also a very important site that I want Cert Patrol's protection. They're obviously using multiple certificates on different servers, and as I'm swapped between servers I keep seeing updates.

So... how hard would it be to add the ability to keep multiple versions of the same certificate? Or, alternatively, to say that I trust a specific CA for google (in this case, Google has its own intermediate CA) but want to be notified if I see any others.

To give you an idea of the false positive problem, I get this several times a day, to the point that I find myself trained to ignore the warnings.

This review is for a previous version of this add-on (1.2.3).

Do you encounter so many new certificates all the time? I'll find a solution. It should be better than just to ignore first encountered certificates since MITM may already be happening then, but also better than to disturb the user with pop-ups if they are definitely too many.

Update: I uploaded 1.3.5beta which has options to make less intrusive notification boxes instead of pop-ups for all less threatening events. :)
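
The two ideas requested in the review above (remembering several certificates per host, and accepting rotation only within an issuer the user has approved) can be sketched as follows. This is an added example, not Certificate Patrol's code; `PinStore`, its methods, the host name and the fingerprint strings are all hypothetical and constructed for illustration.

```javascript
// Added example: trust-on-first-use store that keeps several certificates
// per host and tolerates rotation only under a user-approved issuer.
// All names and sample values are constructed, not taken from the add-on.
class PinStore {
  constructor() {
    this.hosts = new Map(); // host -> { fingerprints: Set, issuers: Set }
  }
  entry(host) {
    if (!this.hosts.has(host)) {
      this.hosts.set(host, { fingerprints: new Set(), issuers: new Set() });
    }
    return this.hosts.get(host);
  }
  // The user states: any certificate from this issuer is fine for this host.
  trustIssuer(host, issuerFingerprint) {
    this.entry(host).issuers.add(issuerFingerprint);
  }
  // cert: { fingerprint, issuerFingerprint }
  // Returns "known", "rotated", "new" or "changed".
  observe(host, cert) {
    const e = this.entry(host);
    if (e.fingerprints.has(cert.fingerprint)) return "known";
    if (e.issuers.has(cert.issuerFingerprint)) {
      e.fingerprints.add(cert.fingerprint); // remember it, quiet notice only
      return "rotated";
    }
    if (e.fingerprints.size === 0 && e.issuers.size === 0) {
      e.fingerprints.add(cert.fingerprint); // first contact: cannot be verified here
      return "new";
    }
    return "changed"; // not stored: this is the case that deserves a warning
  }
}

// Constructed walk-through: one host served by two certificates from the
// same issuer, then a certificate from an unrelated issuer.
function demo() {
  const store = new PinStore();
  const host = "docs.example.test";
  const a = { fingerprint: "AA:01", issuerFingerprint: "CA:01" };
  const b = { fingerprint: "AA:02", issuerFingerprint: "CA:01" };
  const c = { fingerprint: "BB:01", issuerFingerprint: "CA:99" };
  const events = [store.observe(host, a), store.observe(host, b)];
  store.trustIssuer(host, "CA:01"); // user approves the site's own issuer
  events.push(store.observe(host, b), store.observe(host, a), store.observe(host, c));
  return events;
}
```

A certificate that returns "new" is still unverified, which is the developer's point about first contact: the store only detects later changes.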

Rated 5 out of 5 stars

Here's a good reason to install this extension: http://www.wired.com/threatlevel/2010/03/packet-forensics/

This review is for a previous version of this add-on (1.2).

Rated 5 out of 5 stars

Hi!!!!!!!!!!!!!!!!!!!!!!!

I'm using this addon into my project factorBEE!!!!!!!!!!!!

I would like to email you, to ask you some things (and, perhaps, to suggest you features you could add to Certificate Patrol!!!!).

Well, I haven't found your email address anywhere!!!!!!!!!!!!!! my email address is written here: http://honeybeenet.altervista.org/factorbee/?id=800000 so you should email me first!!!!!!!!!!!!!!!!

~bee!!!!!!!!!!!!!!!!

This review is for a previous version of this add-on (1.0).

in the PSYC chatroom ( https://psyced.org/PSYC/ or psyc://psyced.org/@welcome or xmpp:*welcome@psyced.org or irc://psyced.org/welcome ) linked from the *actual* homepage of the add-on, which is http://patrol.psyced.org

Rated 5 out of 5 stars

Great idea, just what I was looking for!
If there was an option to switch between "admin/learning mode" (current way of working) and "user/working mode" (deny access on unknown cert), this would be absolutely PERFECT.

re: "is it really important to show certificate details the first time when I visit an https site?"
Yes, yes it is, if you actually care whether it's the real site you want or whether it's a phishing impostor, you should verify with the site owner that the certificate fingerprints are correct. Unfortunately, only a few people actually do that, as this should be done through a different (secure) channel than the browser, e.g. through a snail-mail letter or over the phone. Example: I go to https://mybank.example.com/ , I get a "new certificate" warning. I call MyExampleBank's support and check the certificate fingerprints with them. If they don't match what I'm seeing, the site is most probably a fake.

This review is for a previous version of this add-on (0.7).

Hey Jan & eyv, thanks for Kudos! We only get to the certificate data "after the fact," that is - after the certificate got accepted. So should Patrol think you ran into an evil certificate it would have to do funny things in order to keep you from accessing it anyway, like closing the page for you. Is this something we would want? Maybe there are other/newer hooks that I am not aware of, though.

Rated 4 out of 5 stars

I love the idea of notifying users when certificates change, but is it really important to show certificate details the first time when I visit an https site? If you really feel it is vital, I would encourage you to make it a preference value (enabled by default).
Otherwise, good idea and good job. Thanks!

This review is for a previous version of this add-on (0.7).

We've had it in the 1.3beta series for a while, now it is public with version 1.4: New certificates do not pop up by default any longer, and there is a preference switch to change that.

Rated 5 out of 5 stars

works flawlessly on ff 3.0.10

This review is for a previous version of this add-on (0.6).

Rated 3 out of 5 stars

please make it support FF 3.0.5, thanks a lot.

This review is for a previous version of this add-on (0.4.0.5).

fixed in version 0.4.0.5 or .6. forgot to mention...