> And just while I am here there was a paper that proposed a firefox plugin > that would cache certs and warn if one changed unexpectedly. Savy users > would then notice the warning before clicking through, and post the > evidence > on relevant security lists. However the plugin seems to be vaporware > and no > one ever implemented or at least released such a thing which seems rather > odd in the last years SSL/PKI environment. We could really use such a > thing > around now, I'd install it for sure.
I am not quite sure... are you referring to Kai Engert's recent proposal? We're working on a (more elaborate) version of that... Ralph -- Dipl.-Inform. Ralph Holz I8: Network Architectures and Services Technische Universität München http://www.net.in.tum.de/de/mitarbeiter/holz/
signature.asc
Description: OpenPGP digital signature
_______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
