On 3/3/12, Desiree<[email protected]> wrote:
"Lee"<[email protected]> wrote in message
news:mailman.12426.1330789185.31724.support-seamon...@lists.mozilla.org...
On 3/3/12, Desiree<[email protected]> wrote:
Since the recent demise of Scroogle, that I used exclusively for years, I
have begun using Startpage.com HTTPS search engine exclusively. I have
had
GoDaddy disabled in Certificate Manager for years now on all browsers. I
I just tried disabling GoDaddy as a CA in Seamonkey& it works for me.
How did you disable it?
[.. snip method ..]
I looked at this again just now. I am now getting the StarPage engine search
using StartPage HTTPS engine in the search bar without a bunch of popup
windows about the GoDaddy cert.
Yay!
BUT StartPage does not give you 100 results
per page (rather 10 only) so I click on the second page of results and I get
a series of popup screens. I have to RETELL SM to make a permanent exception
for StartPage cert.
uhmm.. actually no. You have to tell SM to make a permanent exception
for startpage.com and then after clicking on "next" you have to make
another permanent exception for something like s6-us2.startpage.com.
So far, I've seen it go up to s12-us2.startpage.com for subsequent
pages.
[.. snip description of expected results ..]
Sigh. I just tried again using StartPage HTTPS engine through the search
bar, for another subject for searching, and I got that HORRIBLY MISLEADING
Startpage search results. There was a popup up from SM stating that Secure
connection FAILED due to the Godaddy cert being UNtrusted.
SM told you that the secure connection failed& why it failed. What
warning message would you prefer?
I was not able to
do anything other than look at the cert or cancel.
Something else is going on then. I've yet to have that problem with startpage.
I _have_ had that problem with other https:// sites tho, enough times
that IE tends to be my 2nd choice browser instead of FF :(
Yet, I still see https in
the address bar for the StartPage search results and in the Status bar the
almost impossible to see dark gray lock appears locked. The surrounding area
is a lighter gray tannish color and if I click on the lock it says the site
is secure but that information is in DIRECT CONFLICT with what the popup
said which was that the SECURE CONNECTION FAILED! This is a nasty bug giving
conflicting information. Which claim do I believe?
SM is just doing what you told it to do (trust the cert).
Because the GoDaddy CA is untrusted, the startpage certificate
doesn't link up to a trusted CA& so SM warns you about the
connection. You over-rode the warning& told SM to accept the cert as
valid. So SM considers it a secure connection.
want my browsers to notify me each time a GoDaddy cert is used and then I
take a look at the CertPatrol addin
I looked at this. I was wrong in that I have not seen this extension before.
It is interesting but not what I need. I need Padlock extension that I use
on Fx. I can't clearly see the dark gray padlock that SM uses. I can't see
if it is open or closed without using a magnifying glass...horrible color
for what should be a GOLD padlock that is easily seen. Plus, it should be in
the address bar...NOT on the status bar where even if a gold color it is
harder to see. So, I use Padlock extension for Fx but it won't install on
SM.
I've seen references to a SM extension that over-rides the extension
compatibility check.. I've never used it, so I don't have a name or
link for you :(
BTW, I have expensive lens implants and have excellent vision. That dark
gray padlock is simply a horrible color. It should still be gold or green or
bright neon blue ....some color that is easy to see if it is open or closed
as it is a small icon.
I'm guessing the color can be over-ridden with something in userChrome.css
Further, why in Fx, does the address bar color change for HTTPS but does not
in SM unless the site has EXTENDED validation?
Most probably because the SM programmer chose not to.
SM does not even have an icon
left of the address to click on to see the security status. You have to
find that almost impossible to see dark gray lock on the status bar and
click on that. It is almost impossible to tell if the dark gray lock is
locked or unlocked just by looking at it. VERY VERY BAD IMPLEMENTATION OF
SECURE PAGES. On StartPage HTTPS, that lock has a very small background
that is colored grayish tan. What is that supposed to convey? The address
bar is blue but it is blue on non secure pages also.
I was playing around with the address bar color a while back. You
might try modifying the following to get the colors you want:
/*
* Change the "Secure Site" URL address bar background color
*/
/* ******* comment out.. not sure if I really want this
* #urlbar[level="high"]> .autocomplete-textbox-container,
* #urlbar[level="low"]> .autocomplete-textbox-container {
* background-color: turquoise !important;
* }
*/
I found this on a search:
"The latest versions of both Seamonkey and Firefox displays both a closed
padlock icon in the status bar and coloured background in the URL field when
the page is properly encrypted and secure. They also display a red broken
padlock in the status bar but no coloured background in the URL field when
the encrypted page is not secure."
http://philipramsey.blogspot.com/2011/02/httpswwwcchcamyaccountloginaspx-not.html
That's over a year old& I'm not bothering to check if Phillip Ramsey
is/was a SM developer, but I suspect not. In other words, he could be
as authoritative a source as I am (which is NOT AT ALL since I have
not looked at the code :)
The padlock should change to red when I get the popup from SM saying the
secure connection faild?
Dunno. I have not seen any SM/FF documentation on what should happen
under different failure scenarios. But remember, you told SM to trust
the startpage certificate. So it seems reasonable that you get a
normal padlock..
It doesn't turn red. I don't get a colored
background in the address bar either when the page is properly encrypted and
secure except for pages that use extended validation and then the address
bar turns yellow.
See above for the CSS to change that..
Otherwise, properly encrypted and secured pages or not the
address bar is always a blue color that fades to white toward the end of the
address bar and actually, it should be transparent, but isn't on SM and is
on Fx.
For me, the SM address bar is an ugly shade of yellow for https://
sites& very light blue for others. Maybe because I changed to the SM
Modern theme??
Further there is NO INFORMATION ANYWHERE, that I can find, on SM that
informs me that I have made a permanent exception for GoDaddy cert at
StartPage.
Edit / Preferences / Privacy& Security / Certificates / Manage
Certificates / Servers
startpage.com as well as the sNN-us2.startpage.com sites show up there for me.
Regards,
Lee
