Author Topic: Enhance security in FF or Flock with Certification!  (Read 1988 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Enhance security in FF or Flock with Certification!
« on: June 17, 2007, 06:01:14 PM »
Hi malware fighters,

Certification can make browsers much more secure. Get a certificate here:
https://cert.startcom.org/?lang=en&app=109
Use the certification with the Cert viewer plus add-on. I cannot grasp to understand why this was not brought in standard into firefox or Flock, link to download:
https://addons.mozilla.org/en-US/firefox/addon/1964
Adds two options to the certificate viewer in Firefox or Thunderbird: an X.509 certificate can either be displayed in PEM format (Base64/RFC 1421, opens in a new window) or saved to a file (in PEM or DER format - and PKCS#7 provided that the respective patch has been applied - cf. https://bugzilla.mozilla.org/show_bug.cgi?id=315871).

Additionally, an entry for direct access to the certificate manager will appear in the Tools menu (including a keyboard shortcut).
Some people can request particular certification, e.g. for educational purposes:
https://ca.grid-support.ac.uk/cgi-bin/pub/pki?cmd=getStaticPage&name=index

A good tool to analyze the underlying HTTP Headers, is live HTTP headers, where WhireShark may be overkill or as the latter is still considered not to be fully secure:
http://livehttpheaders.mozdev.org/

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33895
  • malware fighter
Re: Enhance security in FF or Flock with Certification!
« Reply #1 on: June 18, 2007, 11:54:31 PM »
Hi malware fighters,

While OCSP is being brought into Mozilla type browsers, you should do the open validation check here:
http://www.openvalidation.org/browsersets.htm

Please you people start to use validation and encryption, with all the insecurity around we can no longer do without it.

polonus
« Last Edit: June 19, 2007, 12:15:56 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!