JamesTheAwesomeDude / cerdicator

Enhanced TLS indicator with an emphasis on information about the Root Certificate Authority from which the connection's authenticity is derived

https://addons.mozilla.org/en-US/firefox/addon/cerdicator/

1 stars 3 forks source link

[FF#1678492] usefully display self-signed "TOFU"-spectrum certs #3

Open JamesTheAwesomeDude opened 4 years ago

JamesTheAwesomeDude commented 4 years ago

we need them

consider starting out just hard-coding in all these: https://www.g2.com/products/zscaler-internet-access/competitors/alternatives until we get around to implementing #2

however—

don't put any pleasant logos representing non-Mozilla-approved certificates in the UI without a badge, ever!

JamesTheAwesomeDude commented 3 years ago

I'm thinking "no" for the TLS MITM gateways, tbh

It's pointless to put e.g. "Palo Alto" when it's actually your employer that's viewing
But some of these gateways are operated by a central company

I'm just rounding these all up to "eye icon with a fuchsia badge" and calling it appropriately chosen.

(Third-party "Proper Root CAs", though, are another matter—at some point, I'll let the user manually review these per #2, but, in the meantime, I think CAcert is the only game in town [EDIT: seealso #20], so I've just hardcoded it in as an "alt" which gets tagged with a cyan badge.)

However, for self-signed, I'd love to be able to gatekeep these and certify them, but Mozilla has blocked me on this front.

JamesTheAwesomeDude commented 3 years ago

~~Suggestion: Check for securityInfo.state=="insecure" && url.protocol=="https:", and display a separate indicator for that, possibly with a link in the details to view this issue?~~

JamesTheAwesomeDude commented 3 years ago

https://discourse.mozilla.org/t/webrequest-getsecurityinfo-cant-get-self-signed-tofu-exception-certificates/67135

Thread opened with Mozilla; fingers crossed!

JamesTheAwesomeDude commented 3 years ago

don't put any pleasant logos representing non-Mozilla-approved certificates in the UI without a badge, ever!

Actually, I think we'll reverse this: have a particular badge which does display to certify Mozilla-approved connections (and badge others differently, nevertheless, to prevent spoofing).

This will also visually differentiate it from the badge-less "uninitialized" state.

I'll have to do a bit of cross-platform testing (and maybe offer a fallback), but the fox face emoji seems to work as a perfect badgeText, looking great with both LimeGreen and #00ff000000 badgeBackgroundColors.

JamesTheAwesomeDude commented 3 years ago

https://bugzilla.mozilla.org/show_bug.cgi?id=1549605#c25

has there been any thought given to whether the "secure" indicator (green padlock) should be given a different appearance? It's not specific to the current political situation, of course. I'd love to see a more obvious visible difference between "gmail.com, signed by Google" and "gmail.com, signed by Your Company's IT Department" (or of course "signed by Your Government's Secret Police").

When I add a per-site security exception for a self-signed cert, I get a black/dark-gray padlock with an overlaid yellow "warn" triangle. Would that be "too severe" for a user-installed root CA?

JamesTheAwesomeDude commented 3 years ago

https://bugzilla.mozilla.org/show_bug.cgi?id=1678492