[guardian-dev] TOFU/POP aid for HTTPS

Alexander Krug mail at krugar.de
Thu Aug 30 14:46:26 EDT 2012


have you tried http://convergence.io , that "perspectives" firefox
plugin by moxie marlinspike?

cheers
-k

Hans-Christoph Steiner:
> 
> 
> On 08/30/2012 01:22 PM, Abel Luck wrote:
>> Hans-Christoph Steiner:
>>>
>>> I seem to run into self-signed HTTPS certificates a lot, and I like to
>>> try to verify them to some degree beyond just "Trust On First Use".  I
>>> wrote a little script to easy get an HTTPS cert's SHA1 and MD5
>>> fingerprints from the terminal.  Then I can ssh to a couple remote
>>> machines and make sure that the fingerprint is the same before trusting it.
>>>
>>> The script is attached, you need to install this to run it:
>>>
>>> apt-get install python-m2crypto
>>
>> Dude, this is awesome. I have this problem all the time. Thanks!
>>
>> I wonder if the SSL observatory has a public API we could query?
> 
> That's a good idea!
> 
> Here's an updated version of the script to handle some errors better.
> 
> .hc
> 
> 
> 
> _______________________________________________
> Guardian-dev mailing list
> 
> Post: Guardian-dev at lists.mayfirst.org
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
> 
> To Unsubscribe
>         Send email to:  Guardian-dev-unsubscribe at lists.mayfirst.org
>         Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/guardianproject%40krugar.de
> 
> You are subscribed as: guardianproject at krugar.de
> 



More information about the Guardian-dev mailing list