How to check OCSP responder information through an add on?


(Ximet) #1

I am developing a mozilla extension for my final degree project that consists of adding certain modifications to an existing one called ssleuth.

One of the improvements I would like to implement is the verification of the OCSP response information, but the only interface I have found on this topic is “nsIOCSPResponder” and I don’t know if it can provide me the information I need. The use that I want to give it is to be able to assess more accurately the reliability of a certificate.

I would appreciate any help on this subject, thank you very much.


(Niklas Gollenstede) #2

Developing a non-WebExtension add-on seems pretty pointless to me.

There is some fairly recent activity on this ticket to expose TLS info to WebExtensions, but I havn’t read most of it.

If that does not work out, you could start a local SOCKS server in node.js, read through all traffic and report whatever you find via nativeMessaging to an extension, which can even configure the proxy.
That gives you all the power of node.js (and other programs you can call) and has a future.