[13690] in cryptography@c2.net mail archive
New toy: SSLbar
daemon@ATHENA.MIT.EDU (Steve Schear)
Tue Jun 24 15:20:45 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Tue, 24 Jun 2003 11:28:29 -0700
To: cryptography@metzdowd.com
From: Steve Schear <schear@attbi.com>
In-Reply-To: <3EF66217.9010403@storm.ca>
It's a toolbar for Mozilla (and related web browsers) that automatically
displays the SHA1 or MD5 fingerprint of the SSL certificate when you visit
an SSL secured web site. You could of course click the little padlock icon
and dig through a couple of dialogs to see it, but it's much easier when
it's right there in front of you on the toolbar.
So, what's the point?
If you look at the fingerprint of an SSL certificate, and compare this
against a fingerprint that you obtain from the site's owner via another
channel (IIP, email, PGP-signed web page, etc.) you can be absolutely
certain that the certificate is legitimate, and that you are exchanging
encrypted data with the persons(s) you intended to.
A more engaging description of the above - as well as SSLbar itself - can
be found at
<https://194.109.142.142:1984/redirect.php?url=http%3A%2F%2Fsslbar.metropipe.net>http://sslbar.metropipe.net
Enjoy.
"A Jobless Recovery is like a Breadless Sandwich."
-- Steve Schear
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
