Web browsers like Firefox display all kinds of information about SSL connections (when you are connecting to https websites).
Firefox indicates different types of secure connections in different colors and with different icons, and provides you with options to look up additional information about the connection with a couple of clicks.
Here you can view the certificate for example, and look up connection details that highlight the strength of the cipher among other things.
The information and handling of secure connections can be improved in several ways through the use of extensions. There is HTTPS Everywhere for example which enables you to force secure connections and can be configured to warn you when the encryption is weak.
Safe on the other hand visualizes secure connections by painting the window border in a different color to indicate this.
Calomel SSL Validation
The Calomel SSL Validation extension on the other hand grades secure connections in Firefox. Instead of just highlighting that you are connected securely, it computes a security score for the connection using the data that is exchanged to establish it.
The score is based on the following parameters: Perfect Forward Secrecy, Key Exchange, Bulk Cipher, Message Authentication Code and Certificate Hash Type and Key Length.
The extension adds an icon to Firefox's main toolbar that indicates the connection strength in color. You can click on the button to display detailed information that you see on the screenshot above.
The final security score is displayed here -- 84% in the example on the screenshot above -- and how each individual parameter that was rated attributed to the score.
It highlights in addition to that whether the certificate is verified, the class of it, the url host and common name.
While it is not possible to change the rating by yourself, you can change quite a few other related features in the preferences.
The security tab allows you to restrict certain cipher related features. You can force the browser to only allow a certain setup, for instance a minimum of 128-bit strenght with Perfect Forward Secrecy, to enable TLS v1.2 and 1.1 only, or to disable OSCP checks.
Again, if you want to find out more about these preferences, check out the author's homepage to do so. All options are explained there in detail.
The other tabs offer other interesting options that are not necessarily security related. Here is a short list of useful preferences that you find here:
- Cache only to RAM, not to disk.
- Disable DNS Prefetch, Geo Location Reporting and sending of referrer information.
- Anonymize the user agent.
- Disable animated gifs and ads.
- Disable popup tooltips.
- Enable spell-checking on all text boxes.
- Disable the internal DNS cache.
The Calomel SSL Validation extension provides you with a rating for a site's secure connection strength. Even if you do not agree (fully) with the rating scheme, it can prove useful as you can still look up information about the https connection with a single click of the mouse.
Plus, you get all the other preferences in addition to the extension's main feature. Heck, some may even install it just for moving the cache to RAM.