Calomel SSL Validation Version History

26 versions

Be careful with old versions!

These versions are displayed for reference and testing purposes. You should always use the latest version of an add-on.

Version 0.74 193.3 kB Works with Firefox 29.0 and later

Added the TLS version number to the drop down box and score on the value. On the Security tab, the option to limit connections to TLS v1.2 is offered.

Version 0.72 195.8 kB Works with Firefox 27.0a1 and later

Added a test for Elliptic Curve Digital Signature Algorithm (ECDSA) certificates which also get a 10/10 score. Calomel.org now uses ECDSA certs.

Version 0.70 195.8 kB Works with Firefox 27.0a1 and later

The score for SHA-1 certificate hashes have been reduced to 4/10 points from 10/10 points. As of April 2014 the major certificate authorities now allow reissuing certificates with SHA-256 at 2048 bits. Only certificates hashed with at least SHA-256 at 2048 bits for the CA and site can be awarded the full 20 points. You will notice some sites will now drop down a color level. Those sites who received a green shield before might get a blue shield now.

Added a check for 3DES ciphers which was missing. Sorry about that.

Removed the orange shield icon. Shield colors are now: green, blue, yellow and red.

Version 0.67 195.7 kB Works with Firefox 27.0a1 and later

With the release of Firefox 27 the add on now recognizes Galois/Counter Mode (GCM) block ciphers. Only sites who use GCM Perfect Forward Secrecy ciphers can reach 100% score and the green icon.

Version 0.66 195.7 kB Works with Firefox 25.0a1 and later

Added multiple tiers of restricted cipher classes. There is an "Apply Settings Now" button in the options window so all options take affect immediately. Changed the icon to a shield (24x24 pixels), from the lock symbol, to better fit in with the default Firefox scheme. Changed the scoring system.

Version 0.64 176.9 kB Works with Firefox 25.0a1 and later

Added the ability to grade each part of the FULL cipher suite including the key exchange, signature, bulk cipher and message authentication code. We also check and grade ciphers which support Perfect Forward Secrecy (PFS).

Calomel SSL Validation v0.64 is intended for Firefox 25 and greater only !!

If you have Firefox 24 or below use Calomel SSL Validation v0.62 !

Version 0.62 177.4 kB Works with Firefox 3.6 and later

Updated the method to query the SSL certificate status for compatibility with Firefox v24.

Version 0.61 177.5 kB Works with Firefox 3.6 and later

Fixed a bug when the high cipher was disabled, the OCSP setting kept getting reset. Also, separated the ability to disable OCSP from the High Cipher option.

Version 0.58 176.7 kB Works with Firefox 3.6 and later

Changed the suite of strong ciphers to FIPS 140-2 and restricted the sets to no less then AES 256 bit.

Version 0.57 176.7 kB Works with Firefox 3.6 and later

Added the check for Elliptic Curve Cryptography (ECC) Certificates and award the highest score to ECC "Curve bit" enabled sites. Google search is now ECC subject public key signed. ECC is faster and more secure then RSA.

Version 0.56 176.7 kB Works with Firefox 3.6 and later

Fixed a problem with the user agent option which was being reset even if "annonymize user agent" was disabled. Thanks to VW for reporting the issue.

Version 0.55 176.7 kB Works with Firefox 3.6 and later

Quick Update: If you choose to not send referer information then we make sure to also not send the referer header when navigating from a https site to another https site. Special thanks to "rvwr".

Version 0.54 176.7 kB Works with Firefox 3.6 and later

Added two values to the Privacy option tab. You can now choose to not share any referer information with a remote server. You can also choose to send an anonymous user agent string which is "Mozilla/5.0 (Gecko) Firefox/64" without operating system or sensitive program version numbers. There is little need to send identifying information about our computer which could be used by malicious servers as vectors for attack or for targeted fishing attempts.

Version 0.53 176.3 kB Works with Firefox 3.6 and later

Removed extraneous internal warning message and allowed the cipher types to be displayed on broken pages. No logical code changes.

Version 0.52 176.1 kB Works with Firefox 3.6 and later

Updated code to disable the use of OCSP checking when using SSL. The reasons behind the decision are related to performance and security issues. OCSP and CRL requests increase page load times and are susceptible to blocking by man-in-the-middle attackers or captive portals, websites commonly used by Wi-Fi access points to prevent HTTP connections before users authenticate. BTW, Chrome has also disabled OSCP.

Version 0.51 176.1 kB Works with Firefox 3.6 and later

Added an icon to show when a connection was completely broke. It is red with a bright white "X" in the middle.

The add on has been verified to be compatible with Firefox v8.0 in the BETA tree.

Version 0.50 174.1 kB Works with Firefox 3.6 and later

Changed the lock icon to a 24x24 pixel png to better fit in with the default icons.

Added a check to give a score of 6 out of 6 points to any SHA-1 or SHA-2 based certificate hashes which are 1024 bit or larger.

When an option is turned off it will now be reset to browser defaults instead of being manually defined to a default value. This cleans up the code and purges any extraneous configuration options.

An option which is disabled will never modify a config value. If the option was once enabled and then disabled the config value will be reset to the browser default on browser restart and never touched again.

Version 0.48 175.1 kB Works with Firefox 3.6 and later

Verified compatibility with Firefox 7.0 (beta channel)

When an option in the add on is disabled it will no longer set the value to the Firefox default on every restart. The add on will ONLY change the user set values on restart if that option was enabled and then disabled by the user. Special thanks to Chi and Wien Sean for reporting this issue.

Version 0.47 175.1 kB Works with Firefox 3.6 and later

Verified the addon works under Firefox 7.0 (beta channel)

Fixed a bug where DNS prefetching was not being disabled when the option was chosen. -thanks to rvwr

Added the ability to disable DNS caching. This is quite useful when you need to test hosts that change ip address frequently.

Version 0.46 175.1 kB Works with Firefox 3.6 and later

Verified compatibility with Firefox 4.0.*. No code changes.

Version 0.45 175.1 kB Works with Firefox 3.6 and later

Verified compatibility with Firefox 4.0.*. No code changes.

Version 0.44 175.1 kB Works with Firefox 3.6 - 4.0b6

fixed a small error in the spell checking option. Now, when you choose the option for spell checking to be disabled it will actually be turned off. The bug was found by users on the wilderssecurity.com forums.

Version 0.43 175.1 kB Works with Firefox 3.6 - 4.0b6

Added compatibility for Firefox 4.0b6. Removed the network option for pipelining due to new Mozilla rules. Added the date / time stamp at the bottom on the drop down window.

Version 0.42 175.1 kB Works with Firefox 3.6 - 3.6.*

fixed a bug where if the button was not on the toolbar an error was thrown. Added the ability to install the toolbar button on the initial install.

Version 0.33 163.8 kB Works with Firefox 3.6 - 3.6.*

Changed the install.rdf to reflect the max version of Firefox support to be 3.6.*. Added the set function to make sure TLSv1 is always enabled. Changed the listeners slightly to simplify the amount of calls to the PageLoad method.

Version 0.32 163.8 kB Works with Firefox 3.6 - 3.6.*

bug fix in high cipher toggle in "Tools" sub menu. Bug was seen in v 0.30