À propos de moi

Information développeur
Nom joey2012
Utilisateur depuis December 6, 2012
Nombre de modules développés 0 modules
Moyenne des notes des modules du développeur Pas encore évalué

Mes critiques

Certificate Patrol

A great extension for Firefox – a must have for security concerned Noté 5 sur 5 étoiles

The issue with domains using changing certificates (e.g. has been fixed by allowing to either configure a check of site's certification authority's certificate (if it doesn't change) instead of the site's own, or by configuring the domain to be ignored (if the CA also change, as in some rare cases).

Improvement suggestion: A list of possible certs could be implemented per domain (instead of currently only one cert per domain). It would be useful for sites with changing certs – especially the ones also changing the CA – because the number of certs they use is still very limited. So that one then would not have to set the domain to be ignored, but would instead know that its cert is one of the list of the ones used by the domain. (This is an issue of those domains like Or maybe their desired behavior, to limit the worldwide damage in case a cert or its CA gets compromised.)

Note to Thunderbird: Unlike with Firefox, this add-on is not needed with TB. See for information on how certificate pinning can be configured with Thunderbird itself.

Note to version 2.0.14: Since Firefox 19 (or so), the extension name is not shown under “Add-Ons”. “null 2.0.14” is shown instead. But the extension works as advertised nevertheless.

Update: Another suggestion: It would be great if it could also "pin" the certs of the update servers used by Firefox to search for new versions and update itself and its extensions.

Cette critique concerne une version précédente du module (