[guardian-dev] TOFU/POP aid for HTTPS
Abel Luck
abel at guardianproject.info
Thu Aug 30 13:22:16 EDT 2012
Hans-Christoph Steiner:
>
> I seem to run into self-signed HTTPS certificates a lot, and I like to
> try to verify them to some degree beyond just "Trust On First Use". I
> wrote a little script to easy get an HTTPS cert's SHA1 and MD5
> fingerprints from the terminal. Then I can ssh to a couple remote
> machines and make sure that the fingerprint is the same before trusting it.
>
> The script is attached, you need to install this to run it:
>
> apt-get install python-m2crypto
Dude, this is awesome. I have this problem all the time. Thanks!
I wonder if the SSL observatory has a public API we could query?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 630 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mayfirst.org/pipermail/guardian-dev/attachments/20120830/a565fb31/attachment.pgp>
More information about the Guardian-dev
mailing list