BlueLight: A Firefox extension for Notification of SSL Monitoring
BlueLight provides user notification of SSL/TLS inspection based on certificates
known to be associated with SSL inspection, usually by implementing an SSL MitM
using organizational PKI.
The intuition behind BlueLight is that it can be reassuring to know when your
secure communications are protected by monitoring. This is analogous to the blue lights
often used to call attention to security cameras.
To operate correctly, a regular expression covering the certificates known to be
associated with SSL inspection must be configured for the key
"extensions.bluelight.inspectioncertregex". This regex is applied to the issuer CN
(Issuer or Verified by Common Name).
You can also customize the "Learn More" link by changing the "extensions.bluelight.moreinfourl"
key. It is recommended that this be changed to a URL more useful for your organziation.
e.g. A link which explains why SSL monitoring is being used and how it protects the user.
These settings are accessed through about:config.
It is expressely permitted and highly recommended that bluelight be repackaged to change the
default settings (see prefs.js) or that these be set through customized firefox deployment
You can download the current version (0.0.5 released 2013-10-19) here
You can also download from addons.mozilla.org
BlueLight is based heavily on Cert Alert by chihchun.
BlueLight is licensed under the Mozilla Public License. Alternatively, it can be licensed under GPL or LGPL. See bluelight.js