muelman

À propos de moi

Information développeur
Nom muelman
Utilisateur depuis February 11, 2014
Nombre de modules développés 0 modules
Moyenne des notes des modules du développeur Pas encore évalué

Mes critiques

DNSSEC/TLSA Validator

good job Noté 4 sur 5 étoiles

I love the detail depth this addon is made with. it goes even further than described on its help and info page.
heck, in my afternoon long effort to understand what's going on exactly, i found two bugs in my routers firmware! thanks only just for that.

But isn't it possible to cache the results a little longer, at least as long firefox makes the next request to that page? I checked my connection, and whenever i switch to a tab that i haven't used for a short while (30 secs roughly), that addon triggers a new dns lookup (which in turn triggers a lot of lookups, usually taking several seconds, especially when "no resolver" is selected).
also, with "no resolver", are the root keys actually verified?

though i really love the functionality of this addon, i beginn to feel that its beautiful twin gui icons might not be enough, since most webpages make requests to a whole lot of other domains. they might wanna show info about all requested domains.
in that light, i feel it could be useful to, instead of whitelisting, make it function with a kind of ignore-all-but-what-i-specify-here-list. then again if so, we'll probably never gonna have a safer www.

to everyone who's looking for dnssec servers and didn't get the memo, googles public dns does it.


p.s.
i confirmed it with a friend. even when set to use system settings, the addon makes rootserver lookups. that shouldn't be the case, should it?

Cette critique est pour une version précédente du module (2.1.2.1-signed.1-signed). 

Certificate Patrol

Noté 3 sur 5 étoiles

This is nice, sure. But in the current form, unfortunatley also greatly annoying. Generally there are just too many sites that change certificates like people change clothes, and just too few sites that need the special attention that this addon provides.

My proposal is to only check certificates that:

a) come from sites that are on a force-check-list (the opposite of the current ignore-list)
b) are signed by root certificates that are not in the trust-store
c) are self-signed

Click to Play per-element

Warning, may cause sighs of relief Noté 5 sur 5 étoiles

Disregard my previous comment - the reason it didn't work was the "CrApple Yummy" Theme Addon (using Mac OS X)

Cette critique est pour une version précédente du module (0.0.3.20130818.1-signed).