[159264] in North American Network Operators' Group
Re: Gmail and SSL
daemon@ATHENA.MIT.EDU (Seth David Schoen)
Wed Jan 2 20:25:28 2013
Date: Wed, 2 Jan 2013 17:25:15 -0800
From: Seth David Schoen <schoen@loyalty.org>
To: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <C78BD9B6-1BC2-49F5-9A3C-7F4ADF1504DD@cs.columbia.edu>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Steven Bellovin writes:
> The only Chrome browser I have lying around right now is on a Nexus 7 tablet;
> I don't see any way to list the pinned certs from the browser. There is a
> list at http://www.chromium.org/administrators/policy-list-3, and while I
> don't know how current it is you'll notice a decided dearth of interesting
> sites with the exceptions of paypal.com and lastpass.com.
You can see the current list of cert pins and HSTS preloads in the Chromium
source tree at
https://src.chromium.org/viewvc/chrome/trunk/src/net/base/transport_security_state_static.h?view=markup
or
https://src.chromium.org/viewvc/chrome/trunk/src/net/base/transport_security_state_static.json?view=markup
--
Seth David Schoen <schoen@loyalty.org> | No haiku patents
http://www.loyalty.org/~schoen/ | means I've no incentive to
FD9A6AA28193A9F03D4BF4ADC11B36DC9C7DD150 | -- Don Marti
