(Few) Months ago I was quite pissed, when in release 33.0 Firefox decided to remove at once their JS Crypto.SignText API. Maybe not a big deal for them, but a big deal for me and my use of:
- government digital ID
There was huge buzz on the subject (Spain also jumped, seems their e-government solution is based on this “insecure API”). I also submitted very angry feedback, but alas: the only solution (and temporary too) was to revert to the current ESR release of Firefox, based on previous version and still supporting Crypto.SignText.
So I ended up having three different Firefoxes on my machine: the developer version, the ESR version and the (latest) portable version, which I anyway always keep around. ESR was good for my signing needs, but I was wondering what’d happen, when ESR moves up. Then I’d end most probably with IE only, which is serious productivity hit for my e-banking activities.
However, on Dec 16th I received an e-mail from Firefox Developer, who asked me to test new extension, which restores Firefox functionality in that regard. Initially I was a bit suspicious, checked carefully the e-mail headers and route, and trusting both Google and what I saw in the headers I decided to try the extension (in a sandbox first, of course).
It turned out pretty nicely: all the missing Crypto.SignText appeared back and I was one very happy camper again. After cleaning up my ESR release, I decided to share my experience, because someone could probably need the same solution. On my question how stable this will be as a solution to the problem, the feedback from the developers was that this will be the official supported way for adding back Crypto.SignText JS API to Firefox.
The extension is signTextJS, it’s available here: https://addons.mozilla.org/en-US/firefox/addon/signtextjs. Use at your own risk and for your own pleasure or convenience. It worked for me, hopefully it’ll work for you too. Now it’s time to donate some funds to Mozilla, so they can keep delivering better web to everyone [although my primary browser is still Chrome]