Open Madis0 opened 4 years ago
jannispinter
commented
4 years ago Certificate Transparency is definitively a thing I want to add. The SecurityInfo-API already offers the certificateTransparencyStatus field, but I don't quite understand what it displays (it always returns not_applicable, even though the site has a certificate with embedded SCTs or Expect-CT header set).
ashucg
commented
4 years ago I was looking into this as well and noticed that even the Certificate Viewer displays "Not Applicable" even though Chromium shows the information. I was looking at bugzilla to see if someone had reported the issue and found that @rugk has created a bug report. So the only work around is to use 3rd-party scripts as mentioned in #16 or wait for Mozilla to actually do something about it - but this report has next to no activity so not sure about how long we would have to wait (bug is not even assigned to anyone right now.)
rugk
commented
4 years ago Oh yeah, really old lol. Trying to reproduce in Firefox 78 it seems to work in about:certificate (aka "certainly something"-implementation):
However, as the bug report says in the "security tab of [the] network" analysis in Firefox, it is not shown. I'll comment there, maybe it pings someone… :thinking:
But yeah, bug rotting is typical for Mozilla bugs… :thinking:
(What you could do is vote for the bug though.)
ashucg
commented
3 years ago Yeah, I am definitely going to vote for this bug.
The extension could show certificate transparency state. Inspiration (not sure if it works): https://addons.mozilla.org/en-US/firefox/addon/certificate-transparency/