SSleuth was developed with the intent to rate the cipher suites used in an SSL/TLS connection. The project maintains a list of cipher suite algorithms that are shipped with Firefox and a rank for each of them. An overall rating for any secure page visited by the user will be computed and displayed next to the URL. This is an attempt to enhance cipher suites and certificate visibility of the user, by rating the parameters and appropriately color coding it.
The add-on panel also gives the information on perfect forward secrecy, Firefox connection status and the certificate details. Could be an informative tool for advanced and ordinary users alike. For a quick view of SSleuth panel use the keyboard shortcut 'Ctrl' + 'Shift' + '}'
Find more details at the project page : https://github.com/sibiantony/ssleuthUpdate - 13th April 2015
* Average domains rating : Users with domains observer enabled will see a tiny notification icon and rating numeric in the panel next to the star ratings. This is an average rating for all the cross-domain requests. The icon will also turn red if there are insecure (unencrypted) requests, or if the average rating is less than 5 out of 10.
* Copy to clipboard: A new clipboard icon is visible in the panel next to the preferences icon for copying text in the panel main view.
* HTTP/unencrypted pages will be notified in red from now on.
* AES 128 and 256 are ranked the same. GCM suites ranked highest.
* German translations (Thanks to Jei Four)
* Added 'Reset all', 'Custom list' buttons in the panel ciphersuites tab.
* Toggle urlbar notifier colorizing from preferences.Update - 17th October 2014
* New release - version 0.3.2 has the SSL/TLS protocol version displayed on the main panel. Since many people had been asking for this feature, and in the wake of POODLE attack, it could be beneficial for users to quickly see the protocol version.
- requires Firefox 29+
- It is necessary to have the SSleuth Domains observer enabled [default = enabled]
- the protocol version is obtained from an interface which wouldn't work for cached HTTP content. So it might be required to do cache-overriding reload of the page to see the connection SSL/TLS version
* The Domains tab now occupies the full height of the panel. (The domains feature is still in beta. Expect changes in future)
* + Other minor bug fixes.Update - 19th July 2014
This release brings in some major features and improvements
* The certificate signature algorithm, public key size are visible.
* Signature algorithm is included for overall ratings.
* An HTTP observer to monitor background requests and grouped per domain. Can be enabled/disabled from preferences. (Beta)
* The panel UI is split to 3 tabs - a main tab for the general content, a domains tab and another for toggling cipher suites.
* The cipher suites toggling will now result in automatic page reload.
* A URL bar colorizing option - as per the rating (Disabled by default). Update - 2nd May 2014
* The new version 0.2.4 brings in restartless installation and immediate preferences changes.
* The panel information is slightly re-arranged, and the visibility of some cipher suite parameters/certificate parameters can be toggled in preferences.
* The ratings for individual items are displayed next to them
* The rating mechanism is configurable now! More details at project wiki..
* The preferences are moved to a tab and is accessible from the notifier right-click menu.
* Support for enabling/disabling cipher suites. A list of cipher suites can be created, and the new list will show up in the right click menu of the notifier. Do a reload overriding cache (Shift+Ctrl+R) after changing states. Read more about enabling/disabling cipher suites..
* Optional display of SHA-1 fingerprint of the certificate.