Benvenuto in Firefox per Android Add-ons.

Aggiungi nuove funzionalità e stili per rendere Firefox per Android veramente tuo.

Chiudi

In movimento?

Controlla il nostro sito Mobile Add-on.

Chiudi

Jan Martinec

Informazioni utente

Informazioni sullo sviluppatore
Nome Jan Martinec
Utente da Luglio 30, 2008
Numero di componenti aggiuntivi sviluppati 0 componenti aggiuntivi
Media delle valutazioni sui componenti aggiuntivi di questo sviluppatore. Nessun voto

Le mie recensioni

Certificate Patrol

Assegnate 5 su 5 stelle

di Jan Martinec il Nov. 5, 2009 ·

Great idea, just what I was looking for!
If there was an option to switch between "admin/learning mode" (current way of working) and "user/working mode" (deny access on unknown cert), this would be absoultely PERFECT.

re: "is it really important to show certificate details the first time when I visit an https site?"
Yes, yes it is, if you actually care whether it's the real site you want or whether it's a phishing impostor, you should verify with the site owner that the certificate fingerprints are correct. Unfortunately, only a few people actually do that, as this should be done through a different (secure) channel than the browser, e.g. through a snail-mail letter or over the phone. Example: I go to https://mybank.example.com/ , I get a "new certificate" warning. I call MyExampleBank's support and check the certificate fingerprints with them. If they don't match what I'm seeing, the site is most probably a fake.

Questa recensione riguarda una versione precedente (0.7) del componente aggiuntivo. 

Certificate Patrol

Assegnate 5 su 5 stelle

di Jan Martinec il Nov. 5, 2009 ·

Great idea, just what I was looking for!
If there was an option to switch between "admin/learning mode" (current way of working) and "user/working mode" (deny access on unknown cert), this would be absoultely PERFECT.

re: "is it really important to show certificate details the first time when I visit an https site?"
Yes, yes it is, if you actually care whether it's the real site you want or whether it's a phishing impostor, you should verify with the site owner that the certificate fingerprints are correct. Unfortunately, only a few people actually do that, as this should be done through a different (secure) channel than the browser, e.g. through a snail-mail letter or over the phone. Example: I go to https://mybank.example.com/ , I get a "new certificate" warning. I call MyExampleBank's support and check the certificate fingerprints with them. If they don't match what I'm seeing, the site is most probably a fake.

Questa recensione riguarda una versione precedente (0.7) del componente aggiuntivo.