It's a toolbar for Mozilla (and related web browsers) that automatically displays the SHA1 or MD5 fingerprint of the SSL certificate when you visit an SSL secured web site. You could of course click the little padlock icon and dig through a couple of dialogs to see it, but it's much easier when it's right there in front of you on the toolbar.

So, what's the point?

If you look at the fingerprint of an SSL certificate, and compare this against a fingerprint that you obtain from the site's owner via another channel (IIP, email, PGP-signed web page, etc.) you can be absolutely certain that the certificate is legitimate, and that you are exchanging encrypted data with the persons(s) you intended to.

A more engaging description of the above - as well as SSLbar itself - can be found at <>


"A Jobless Recovery is like a Breadless Sandwich."
-- Steve Schear ---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to