Update Sep 2, 2018 : Please note : This add-on is not compatible with Firefox 57+ (Quantum). For more details : https://github.com/sibiantony/ssleuth/issues/78
SSleuth is a Firefox addon that ranks an established SSL/TLS connection to estimate the connection strength. It also gives a brief summary of the important SSL/TLS connection parameters.
- Mozilla download page : https://addons.mozilla.org/en-US/firefox/addon/ssleuth/
This was developed with the intent to rate the encryption ciphers used in an
SSL/TLS connection. The project maintains a list of cipher suites that are shipped with
Firefox and a rank for each of them.
The rankings are mainly inspired from Qualys's SSL labs server testing tool. The
SSL labs testing is meant for web servers, more sophisticated and is much more
than a cipher ranking service. However to know which ciphers are used when a user
connects to a website, browser support and/or an addon is necessary. Firefox started
exposing the full cipher suite name from version 25.0. Users can see the
cipher suite by going to the
URL notification lock icon -> More information
Page Info -> Security -> Technical details.
The user can see the cipher suite used for connection and firefox's
assessment of the strength of the cipher.
SSleuth attempts to enhance this visibility of ciphers to the user, by ranking it and appropriateley color coding it. The addon panel also gives information on perfect forward secrecy, firefox connection status and the certificate details.
The rating mechanism is in the early stages now, and might change in future. See the wiki page on Rating Mechanism for more information.
Disabling weak ciphers
Beginning with version 0.2.3 SSleuth supports enabling and disabling cipher suites. Users can create a list of cipher suites to toggle, and use the notifier right click menu to toggle them. More details on enabling/disabling cipher suites in the wiki.
Graphical User Interface
There is a URL bar notification box (next to Firefox's own notification area). A 'sleuth' cap and the rank notifies the user of the estimated strength. There is an optional toolbar button mode (choose from preferences), if the user wishes to move around a toolbar button.
The color of the notification area changes from green (very good), to blue (good), orange (medium) and red(bad).
The panel can be easily brought up with the key combinations 'Ctrl' + 'Shift' + '}'. If the keyboard shortcut interferes with any existing addon and/or your keyboard doesn't support the key combination, please report it. It is however possible to change the keyboard shortcut via configuration.
- Navigate to '
- Key in
extensions.ssleuthto find all ssleuth configurables, and look for
- The preference type is a string and you can change the modifieres and key. Please follow mozilla guidelines for modifiers and keys to set the shortcut. SSleuth uses 'keys' rather than 'keycodes'.
SSleuth is released under GPLv3.0. You should find the license text in the About page of add-on preferences.
Jdenticon 1.3.2 zlib license, jdenticon.com (c) Daniel Mester Pirttijärvi