Rated 5 out of 5 stars

Muy útil.

This review is for a previous version of the add-on (0.79). 

surprising results Rated 5 out of 5 stars

small charities with feeble websites have top security, some rather important pages (finance + big so tasty to cybercriminals) don't.... interesting. About-addons-memory says it takes no memory up, so i'm keeping it. Very nice, thanks

This review is for a previous version of the add-on (0.78). 

Simply great for "simplifying" SSL/TLS Rated 3 out of 5 stars

This extension is great for simplifying and showing in quick second how bad/good the SSL/TLS of a given site one is on is currently at. I don't necessarily agree with the rankings sometimes, but once you get use to what is is measuring and how the points are awarded it is very eye-opening to see what many popular sites are actually using.

This review is for a previous version of the add-on (0.78). 

Calomel SSL Validation is an excellent extension Rated 5 out of 5 stars

Just one nit. I checked "disable animated gifs and ads" under the Annoyances tab, but it does not appear to stop them.
For example, look at
https://yahoo.com.tw, or www.atpworldtour.com.
Hope they can fix this.
Otherwise, an excellent extension.

This review is for a previous version of the add-on (0.78). 

Rated 5 out of 5 stars

I have really grown to like the product a lot. i use it most every day. It has helped me understand some of the more technical aspects of securing my connections. However, there is one thing that would be nice. The display when I click the Calomel medallion tends to wrap select lines of the display. there are five lines that frequently wrap, the ratings for the issued by cert display, the common name line, the first line called security especiallly if the site is 'broken', the common name status. thanks again.

This review is for a previous version of the add-on (0.75.1-signed).  This user has a previous review of this add-on.

Rated 5 out of 5 stars

Does exactly what it claims. Clean interface and easy to use.

Still with 0.75 the revised user agent tag still doesn't work with youtube for some reason. Same for the old blank user agent. Could not find a way to leave feedback easily on support website.

This review is for a previous version of the add-on (0.75.1-signed). 

Some Sites have Blank Shields Rated 1 out of 5 stars

A number of sites have blank shields, and there's no way to see what's going on, there's no way to report a bug, there's no way to contact that I can see, so when it works it's great. However the 3 specific sites I wanted it for it just showed the version number.

With no way to report/feedback on this, makes the tool mostly worthless to me.

This review is for a previous version of the add-on (0.74.1-signed). 

Rated 5 out of 5 stars

I love this add-on! It is one of the main reasons why Firefox is my main browser. However, I believe I have found a bug that I would like to report here (as per the directions on your web site). When I resume my PC after hibernating it and continue to use an open browser, the visual color indicator of the add-on sticks to whatever it was last showing before I hibernated. I can click on the shield for each site I browse to and see the correct data, but I obviously would prefer to see the color without manual intervention. I can also close and reopen the browser and the add-on functions correctly again, but I tend to keep my browsers open for a week at a time with ongoing work.

This review is for a previous version of the add-on (0.72.1-signed). 

A good option for the security-conscious Rated 4 out of 5 stars

The idea for this add-on is excellent, even if the implementation leaves just that little something to be desired.

The interface is not as smooth as one might like (as, for example SSLeuth’s interface is), and the options are displayed in a way that isn’t quite as elegant as one might hope for (the huge text “Calomel”, in a fancy font, seems needless, for example).

On the plus side, the shield icon is well-drawn and the colors help you see how secure a connection is at a glance, and the drop-down display looks good (though the “marble” background is slightly distracting).

Also, it has a clear privacy policy, which is good.

Another big plus is the extensive documentation of the add-on’s features and settings available on Calomel’s website (though who “Calomel” is, remains unclear).

All in all, an add-on worth trying for those interested in increasing the security of their web surfing.

This review is for a previous version of the add-on (0.72.1-signed). 

Nicely done Rated 5 out of 5 stars

Neat and unobtrusive, with a few extra hidden tweaks for cache usage and "annoyances".
A bit shocking when you find out how bad some sites encyption really is.

This review is for a previous version of the add-on (0.72.1-signed). 

Good extension that gives you more info quickly Rated 5 out of 5 stars

I think the extension is great, not only does it expand the amount of info available from the browser itself.. it helps raise awareness of the quality of the encryption on sites you use.

the only thing that could be better is having some options to make the colors a bit easier to see for the colorblind. sometimes it is hard to tell what color the shield is... perhaps some textures.. or maybe a way to remove the '3-D' effect..

This review is for a previous version of the add-on (0.70.1-signed). 

Rated 4 out of 5 stars

Unfortunately, it seems v0.70 of the addon is not compatible with Pale Moon (based on Firefox). Not entirely sure why since the previous version (0.67) worked just fine.

It does the best it can within the framework it has.
I'd love to just see a real 'secured' browser that has compatibility with other sites but just alerts the user of lowered security due to that website's settings.

Also the internet is far overdue in the need to kill RC4 and 3DES ciphers. There is no excuse, not anymore. AES 128 is fine and works well with far less hardware costs.

This review is for a previous version of the add-on (0.70.1-signed). 

Rated 5 out of 5 stars

Icon bigger that usual when using 120 dpi screen, windows 7.

This review is for a previous version of the add-on (0.70.1-signed). 

Rated 5 out of 5 stars

As "Heartbleed" demonstrated, knowing if a site supports Perfect Forward Security, alone, is a major help; at the moment no other plugin gives such exact data (though some websites do, site-by-site entered), but Calomel SSL Validation plugin tells us that for EVERY site/page on the fly! And the option in "privacy" tab does appear to make the OS unknown to most sites...this too is security, as some malware/ransomware (especially the silent sneaky ones) read OS via browsers and start running codes for attacking that type of OS...if they can tell what it is.

This review is for a previous version of the add-on (0.70.1-signed). 

inconsistent logic and unresponsive developer Rated 1 out of 5 stars

Unfortunately I have to give the extension one star - the only thing it is good for is notifying about HTTPS mixed content.

Detection of cipher suites misses some supported by Firefox (most common being 3DES). The use of weak signature hash algorithm (SHA-1) is not penalized, as well as relatively weak RSA keys (2048 bit) that provide just 112 bit security.

In the end, a connection that provides around 61 bit effective security (or 80bit if you wear rose-tinted glasses) will still get a green shield (most secure evaluation).

I tried contacting the developer about those issues, but I haven't heard back for over 2 weeks, so I don't think I'll receive any reply.

This review is for a previous version of the add-on (0.67.1-signed). 

So close ... Rated 4 out of 5 stars

So close to perfect. This extension works well, but needs an option to change security levels.

Ideally you could set your security level to the maximum, and if access of a page is impossible you click the Calomel shield icon, it changes appearance (to reflect the lowered security level), and the page is reloaded with, say, a medium security level. Then if that doesn't work, you can click on the shield button and turn security all the way down (and the icon changes to show this again). And, of course, the change should only apply to the current page.

As things are, you can click to change security levels, but there doesn't seem to be any obvious way to, at a glance, tell what the settings are at the moment.

This review is for a previous version of the add-on (0.67.1-signed). 

Rated 4 out of 5 stars

Very,very good.. Something like it should be an integral part of Firefox. Only one niggling thing ... no option to turn of cipher security with one click for those sites one has to access despite their poor encryption.

This review is for a previous version of the add-on (0.67.1-signed). 

Nice addon, only 1 flaw Rated 4 out of 5 stars

People saying they have to reboot Firefox altogether are incorrect. But for the changes to stick you do indeed have to apply them twice, so I can understand why this misconception got started. I'm guessing most people are referring to having to change the cipher restriction to 128 and stronger, and uncheck the TLS 1.1 & 1.2 only box for many pages to load (doing this will make basically every site work btw). After making those changes and hitting "Apply Changes Now", then OK, and then refreshing the page... nothing changes. You have to go into those settings again, click Apply Changes Now again, then OK again, and then refresh the page yet again for the changes to stick. Then you're good to go. You do not have to restart Firefox. Fix this and the extension earns 5 stars in my book.

And personally I find the amount of sites that won't work with the settings maxed out over-exaggerated. I only have to do this with a few sites here and there. And if you max out the settings you should expect this. Blame the site, and not this addon for having lax encryption standards.

I like that the grading has high standards. It will encourage sites to enforce such standards as well. I wouldn't doubt some of the nasty reviews are by site admins feeling slighted by this. But it's for a greater good and Calomel shouldn't back off of this position.I've yet to see a site receive a perfect score under this new system. And it's always the "MAC" section lacking, grabbing an 8/20 at best, never have I seen better. But we shouldn't solve this problem by lowering our standards, but by improving our results.

This review is for a previous version of the add-on (0.67.1-signed). 

Rated 4 out of 5 stars

Calomel does not recognize 3DES ciphers. If you have disabled RC4, 3DES is still regularly used, so please fix this.

This review is for a previous version of the add-on (0.67.1-signed). 

Poor design Rated 1 out of 5 stars

Pretty buggy right now, and it doesn't really help me stay secure. Every time I hit a website that doesn't work with the good ciphers, and want to view it regardless, I have to restart FireFox because this plugin requires it. With lower security settings, many websites end up using RC4.

Just not well designed. I'm using a modified Cipherfox plugin instead.

This review is for a previous version of the add-on (0.67.1-signed).