Calomel SSL Validation is a Firefox extension that grades the SSL cipher strength of the current connection. Access to a detailed summery of the SSL negotiation is supplied by a button on the URL bar. The button also will change color depending on the grade from red (low score), to orange, to yellow, to blue and finally to green (high score). Standard HTTP unencrypted connections will turn the URL bar icon gray.
This add-on was designed to more easily show the true security state of the connection so everyone can learn more about ciphers and encryption using SSL. Firefox currently shows a green URL tag for an extended validation (EV) or a blue URL tag for a domain validation (DV) certificate and a lock icon if the connection is SSL encrypted. We did not think this was enough information to decide if the connection to the site was truly secure. This is why the "Calomel SSL Validation" add-on was developed. We score the connection on the following items: if the certificate was valid, if the fully qualified hostname is equal to the common name the certificate was registered for and the strength of the cipher and cipher key length.
In the "Preferences" section you can enable many option we find extremly useful like:
* Use of only the strongest 256 and 168 bit ciphers in high security mode in addition to using the Online Certificate Status Protocol (OCSP) to verify the site's certificate. There is also a toggle under the "Tools" menu to turn the high strength ciphers on or off instantly.
* We have an "optimization" tab to enable settings similar to those found in FasterFox, but unlike that add-on we only enable safe configurations. We included this tab to provide speed optimizations we found to increase the quickness of the browser while using less CPU time and bandwidth.
* In the Privacy tab you can choose to hide titles and icons in each of the tabs similar to the add on "Page Title Eraser". This option might be used to stop people looking over your shoulder to see what sites you have open.
*Finally, there is a tab to disable annoyances like blinking text and gif animations.
All of these options are disabled by default when you install the add-on. We do not believe it is ethical to change a user's built-in settings automatically. Take a look at our help page and decide for yourself what you would like to use. The help page should be shown after the add-on is installed.
A detailed and comprehensive explanation of the options and scoring can be found at the "Website" link above.
Privacy and security are very important to us. This add-on does NOT contact any external sources about browsing habits or SSL statistics. All information is retrieved from Firefox itself and kept internal to only your user. We do NOT store any information locally other then your preferences for the add-on and nothing else is saved to the hard drive to protect your privacy.
- Fixed a bug when the high cipher was disabled, the OCSP setting kept getting reset. Also, separated the ability to disable OCSP from the High Cipher option.