Firefox extension that shows in a readable format, the state of HSTS (HTTP Strict Transport Security) and HPKP (HTTP Public Key Pins) domains stored by the browser

Technology description

This is a Firefox extension that shows in a readable format, the state of HSTS (HTTP Strict Transport Security) and HPKP (HTTP Public Key Pins) domains stored by the browser. Firefox does not have a native way to show these domains or this functionality documented.

Functionalities

The information provided by the table is the one stored by the browser, “translated” in a more human readable way.

- Domain: domain protected under HSTS or HPKP.
- Score: this score is a Firefox value. It increases by one every different day (24 hours at least) the domain is visited.
- Date: last day the domain was visited. It is calculated by Firefox using the number of days since 01/01/70.
- Expiration Date: max-age of HSTS or HPKP, in other words, when the entry will expire.
- SecurityProperty: this is a Firefox value. SecurityPropertyUnset if 0, SecurityPropertySet if 1 or SecurityPropertyKnockout if 2.
- IncludeSubdomains: whether the HSTS or HPKP directive includes subdomains.
- HPKP Pins: list of pins in the HPKP header.
Pin Patrol for Firefox
Innovation Technologies

Certificate Transparency

Certificate Transparency is a new layer of security on top of TLS ecosystem.

Pin Patrol for Chrome

A tool for improving the experience using HSTS and HPKP in Chrome. It shows this information in a human readable way, from your own browser or from any other.

EmetRules

A simple command line tool that creates a configuration for importing into EMET, so that the user does not need to take any action.