Quick identification of less-safe cyphers



Post by mgagnonlv » 2015-09-09, 15:26

One quite often reads complaints that a given "secure" website doesn't work unless one temporarily activates a given cypher. I am sure that once a cypher is activated "for a special task", many people forget to turn it off, and Pale Moon Commander does not allow one to quickly know which cyphers should be turned on or off. Right now, if I want to know which cyphers are considered safe right now, I need to search the forum extensively as it is not even a page on palemoon.org or a pinned discussion on the forum.

Therefore I would suggest the following improvements in Pale Moon and Pale Moon Commander:

– Use a special colour in the address bar each time a website uses an unsafe cypher.
It could be red, like when there is mixed content in a page (even if the non-secure content is a public image), or it could be a new colour like orange. That way, it would remind people of the condition. Information on the particular cypher would continue to be available by clicking on the lock at the left of the address bar.

– Under Tools –> Options –> Security, there would be a block option "Security – Reset Cyphers to their default state".
With a single click, one could then correct temporary permissions and restore a safe environment.

– In Pale Moon Commander, default recommendations should be indicated, so that one quickly knows what should be checked and what should not. I would suggest:
Security – SSL : Lowest and Highest supported protocol (recommended value: xxx)
Security – Cyphers 1 and 2 : add (check or uncheck) in parentheses after each one.

Finally, under Pale Moon Commander –> Other –> Reset, I would suggest adding the following:
– Reset cyphers to default values
– Reset all security preferences
– Reset Pale Moon Commander values (i.e. not all other preferences)
I would recommend that all these reset buttons come with a modal dialog afterwards: "Are you sure you want to...?", with default set at "No". Resetting preferences should never be done lightly.

If some of these elements already exist in Pale Moon, my apologies (after all, I don't change authorized cyphers daily). These improvements could also be used to promote the safer environment promoted by Pale Moon.
Michel Gagnon
Montréal (Québec, Canada)


Re: Quick identification of less-safe cyphers

Post by dark_moon » 2015-09-09, 18:19

Nice ideas!

Like the PM commander recommendations idea a lot.
