indicatetls icon indicating copy to clipboard operation
indicatetls copied to clipboard

Published 20 hours ago verified publisher icon jannispinter

Certificate Transparency

Open Madis0 opened this issue 5 years ago • 4 comments

The extension could show certificate transparency state. Inspiration (not sure if it works): https://addons.mozilla.org/en-US/firefox/addon/certificate-transparency/

Madis0 avatar Jan 25 '20 16:01 Madis0

Certificate Transparency is definitively a thing I want to add. The SecurityInfo-API already offers the certificateTransparencyStatus field, but I don't quite understand what it displays (it always returns not_applicable, even though the site has a certificate with embedded SCTs or Expect-CT header set).

jannispinter avatar Jan 25 '20 17:01 jannispinter

I was looking into this as well and noticed that even the Certificate Viewer displays "Not Applicable" even though Chromium shows the information. I was looking at bugzilla to see if someone had reported the issue and found that @rugk has created a bug report. So the only work around is to use 3rd-party scripts as mentioned in #16 or wait for Mozilla to actually do something about it - but this report has next to no activity so not sure about how long we would have to wait (bug is not even assigned to anyone right now.)

ashucg avatar Jul 14 '20 18:07 ashucg

Oh yeah, really old lol. Trying to reproduce in Firefox 78 it seems to work in about:certificate (aka "certainly something"-implementation):

grafik

However, as the bug report says in the "security tab of [the] network" analysis in Firefox, it is not shown. I'll comment there, maybe it pings someone… :thinking:

But yeah, bug rotting is typical for Mozilla bugs… :thinking:

(What you could do is vote for the bug though.)

rugk avatar Jul 15 '20 11:07 rugk

Yeah, I am definitely going to vote for this bug.

ashucg avatar Jul 21 '20 20:07 ashucg