[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] How evil is TLS cert collection?
> But, if the EFF runs an exit enclave at observatory.eff.org, shouldn't
Always thought it would be useful to have a third party service
where you could feed it a cert's sha1 fingerprint and it would
return 0 or 1 if it felt that fp was legit.
Many people have only one supposedly 'clear' view of the net
from which to see. Tor exits certainly cannot be trusted to
have a taint free view. And verification with CA issuer/subject
is a pain. Call it a looking glass without guarantee.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk