On 1/9/2014 4:30 AM, Max Jakob Maass wrote:
> An example would be "Certificate Patrol"
> (https://addons.mozilla.org/en-US/firefox/addon/certificate-patrol/)
> for Firefox. It implements Certificate Pinning and will notify you if
> certificates change (even with special warnings if they change way
> before they are due, and if the CA changes, both very handy features
> when dealing with a compromised / Government MITM CA).
>
> It does not, however, implement a Cert Web-of-Trust that compares the
> certificate you are seeing to those other people are seeing. I am not
> aware of any addon or browser that does that, so I'd be curious to
> hear which ones implement that (as your message sounded like there are
> indeed some implementations of this). I am also unaware of any addon
> for Chrom{e,ium} or other browsers that does the job of certificate
> patrol... If anyone knows about any, please let me know.
>
> Max
>
I believe HTTPS-Everywhere is capable of checking certs against what
others are seeing, and it's actually already installed in TBB.
Unfortunately this feature is only available for the Firefox version of
HTTPS-Everywhere. If you click on the HTTPS-Everywhere icon in the
top-right corner of TorBrowser, you'll see an option for "SSL
Observatory Preferences". Just enable it, and you're set. Here's some
more info:
https://www.eff.org/deeplinks/2012/02/https-everywhere-decentralized-ssl-observatory
https://www.eff.org/observatory
Attachment:
signature.asc
Description: OpenPGP digital signature
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk