If you think this add-on violates Mozilla's add-on policies or has security or privacy issues, please report these issues to Mozilla using this form.
Please don't use this form to report bugs or request add-on features; this report will be sent to Mozilla and not to the add-on developer.
I have been using this addon for a long time, even before it was available on AMO and I love what it accomplishes and the simplicity by which it does so. I believe people would benefit from having it. I strongly urge the developers to please keep on top of the rapid Fx versioning and keep the addon compatible. Thank you.
I've been running this for several months and it works great. This addon closes a fundamental gap in PKI - IMHO it's essential!
great addon just after last nightly update the network of Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:7.0a1) Gecko/20110620 Firefox/7.0a1 was broken
Great addon - just what I needed!
I've checked current version (4.0), and it seems that the issues are mentioned earlier have been resolved. I don't see any unnecessary DNS lookups, and all the traffic goes via proxy if it is configured in Firefox.
Requests to Notaries stay non-encrypted, but this probably does not a pose any serious risk.
Hello, I am using Firefox 3.6.6 can you please update the extension to work with this version?
Also, would you please create a similar extension for both Chrome and Safari?
I know I'm asking a lot of you, but your work is very valuable and I use it daily. Please consider spending a little time to keep this great add-on up to date. :)
I e-mailed the developers, and got a prompt reply suggesting that others had uninstalled the Perspectives add-on, and re-installed it, and it would work with the new FireFox. I tried that, and it DID work for me! Now, hopefully, they will fix those security leaks being reported by VladV! Otherwise a fine add-on to help me decide for myself if a site questioned by FireFox is OK to access or not!
Now that I'm on 3.6.2, Firefox is saying "This add-on is for older versions of Firefox."
When will you be updating your release to cover the new version?
Fabulous, I get to use self-signed certificates again! Works great in combination with Certificate Patrol to see what actually happened.
Comfortable and useful.
Without this add-on, online banking/shopping is not safe from Man-In-The-Middle attacks (MITM). See Wikipedia: http://en.wikipedia.org/wiki/Man-in-the-middle_attack
Perspectives 3.0.3 works very quietly and adds another layer of protection to my web browsing.
The updated version 3.0.2 completely revamps the extension's appearance and is working fine on 3.5b4 for me. I got this via browser addon updating.
Great plugin. Would be even better if you integrated the mitm plugin into this.
Great extension if you use it correctly. I don't like the idea about bypassing any security warnings but this can be turned off. What I like is the function to have all certificates compared from other locations what seems like a good way to protect yourself from "Man in the middle attacks".
This extension is the only way that I found to avoid the annoying user-unfriendlyness of Firefox 3!
Sure, you have to trust the notary, but when I just want to *view* some random signed page that shows up by the dozens when searching for some technical information, I just won't afford to waste my time with 1) reaching for the mouse, 2) scrolling (in case the font size is bigger than "nominal" and has pushed the dreadful buttons waaaay down), 3) click 4 buttons (ok, 3 buttons and one additional checkbox because usually I just want a temporary exception) that are so freakin' small that it feels like a new kind of browser game - only that it is stealing my time when I don't want to waste it.
So, again, THANK YOU for this extension!!! It's the only reason I was kept back from switching to Opera (and I had in fact installed it and was training to switch)!
A few suggestions for the Perspectives add-on for Firefox :
1.) allow the status bar text to be enabled/disabled from within the extension options (this limitation can be manually worked around by installing another extension called 'Organize Status Bar')
2.) have an optional alternative status bar item that is more compact than the existing text 'Perspectives'. This might be a gray version of the green checkmark icon or a 'P' or something else. Maybe a gray P that is replaced by a green checkmark when verified by Perspectives. Just something that doesn't use so much status bar space when enabled. Maybe the https lock item can be changed to show 3 states (verified by cert auth, verified by peers or notary over time, unverified).
3.) offline cert cache of visited sites to limit number of needed queries to notaries (cache should be clearable with the Firefox Tools menu Clear Private Data option)
4.) option to automatically allow secure connections to any IP in the private IP address ranges (e.g. 10.x.x.x, 172.16.x.x 192.168.x.x) (a more restrictive option would be to allow these connections to machines in the same subnet as the PC running the browser)
5.) take a look at the WOT (Web of Trust) add-on...there may be value integrating the add-ons/features to make safer browsing decisions
It's great, if it works for you. Unfortunately, there are a lot of places it doesn't work -- such as my laptop. It's worth about five stars on my girlfriend's laptop (running Debian), and zero on mine (running FreeBSD). It seems like portability across Unix-like systems shouldn't require more than compiling the binary portion on the new system, so I'm not sure why there isn't a version for FreeBSD yet.
At the site mentioned it has improved to 2.1.4 can we have that here?
A great tool to verify self-signed certificates, possibly a viable alternative to expensive SSL certificates from Verisign and Thawte.
Virtually all web servers and web browsers support strong HTTPS encryption nowadays, but use of HTTPS is limited to those websites able to pay $250+ per year for a certificate from Verisign or Thawte.
Self signed certificates are free but of limited use because they are (1) open to man-in-the middle attacks, and (2) trigger lots of scary warnings in the browser.
Perspectives provides an innovative and elegant way to verify any self-signed SSL certificate by using so-called "notary" servers. In a nutshell, it says "you can trust this self-signed cert because several notary servers in different parts of the Internet received the same certificate, and this certificate didn't change since the last 30 days".
A man-in-the-middle would have to hijack *all* connections to the website, for several days, which is virtually impossible.
NB: Please download the extension from the developers website. The version on mozilla.org isn't up to date yet.