[guardian-dev] TOFU/POP aid for HTTPS
Alexander Krug
mail at krugar.de
Thu Aug 30 14:46:26 EDT 2012
have you tried http://convergence.io , that "perspectives" firefox
plugin by moxie marlinspike?
cheers
-k
Hans-Christoph Steiner:
>
>
> On 08/30/2012 01:22 PM, Abel Luck wrote:
>> Hans-Christoph Steiner:
>>>
>>> I seem to run into self-signed HTTPS certificates a lot, and I like to
>>> try to verify them to some degree beyond just "Trust On First Use". I
>>> wrote a little script to easy get an HTTPS cert's SHA1 and MD5
>>> fingerprints from the terminal. Then I can ssh to a couple remote
>>> machines and make sure that the fingerprint is the same before trusting it.
>>>
>>> The script is attached, you need to install this to run it:
>>>
>>> apt-get install python-m2crypto
>>
>> Dude, this is awesome. I have this problem all the time. Thanks!
>>
>> I wonder if the SSL observatory has a public API we could query?
>
> That's a good idea!
>
> Here's an updated version of the script to handle some errors better.
>
> .hc
>
>
>
> _______________________________________________
> Guardian-dev mailing list
>
> Post: Guardian-dev at lists.mayfirst.org
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
>
> To Unsubscribe
> Send email to: Guardian-dev-unsubscribe at lists.mayfirst.org
> Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/guardianproject%40krugar.de
>
> You are subscribed as: guardianproject at krugar.de
>
More information about the Guardian-dev
mailing list