Sat 22 Nov 2008


Edited by Paul Hales

Published by Incisive Media Investments Ltd.


Firefox plugin checks SSL certificates

Queries multiple notary servers

INSECURITY RESEARCHERS at Carnegie Mellon University have developed a new SSL (Secure Sockets Layer) verification plugin for Mozilla Firefox 3.

Perspectives is designed to query at least four notary servers to obtain the status of a questionable certificate via current and archived domain keys.

The plugin will automatically override the Firefox 3 security error page if the certificate is deemed legitimate. However, if the veracity of the site cannot be confirmed, Perspectives will add a red bar to the Firefox warning page that reads: “Suspected attack: Perspectives was unable to verify the security of your connection to this website”.

It should be noted that Firefox 3 is set to block surfers from accessing sites with self-signed certificates and may also prevent visits to pages with expired third-party validations. However, users are permitted to click through four dialog boxes and add the unrecognized SSL certificate as an “exception”.

According to Firefox developer Jonathan Nightingale, self-signed certificates are not inherently evil, but are “implicitly untrusted -- [as] no one has vouched for them”. µ
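
The notary check described above, sketched as an added example that is not Perspectives' own code: the response format, the 75 per cent quorum and the seven-day minimum are assumptions, and all fingerprints and day numbers are constructed.

```javascript
// Added illustration, not Perspectives' code. Thresholds and data shapes are assumptions.
const MIN_NOTARIES = 4;   // the article: at least four notaries are queried
const QUORUM = 0.75;      // assumption: share of notaries that must agree
const MIN_DAYS = 7;       // assumption: how long the key must have been observed

// A notary history is a list of {fingerprint, firstSeen, lastSeen} (day numbers),
// covering the current key and any archived ones.
function notaryVouches(history, offered, today) {
  if (history.length === 0) return false;
  const latest = history.reduce((a, b) => (b.lastSeen > a.lastSeen ? b : a));
  const current = latest.fingerprint === offered && latest.lastSeen >= today - 1;
  return current && latest.lastSeen - latest.firstSeen + 1 >= MIN_DAYS;
}

// responses: notary name -> history; notaries that did not answer are absent.
function evaluate(responses, offered, today) {
  const histories = Object.values(responses);
  if (histories.length < MIN_NOTARIES) {
    return { override: false, reason: "too few notaries answered" };
  }
  const votes = histories.filter((h) => notaryVouches(h, offered, today)).length;
  const override = votes / histories.length >= QUORUM;
  return { override, reason: `${votes}/${histories.length} notaries currently see this key` };
}

// Constructed sample data: a self-signed site whose key rotated on day 40.
const TODAY = 100;
const STABLE = [{ fingerprint: "aa:11", firstSeen: 40, lastSeen: 100 }];
const ROTATED = [
  { fingerprint: "bb:22", firstSeen: 1, lastSeen: 39 },
  { fingerprint: "aa:11", firstSeen: 40, lastSeen: 100 },
];
const NOTARIES = { n1: STABLE, n2: ROTATED, n3: STABLE, n4: STABLE };
const { n4, ...three } = NOTARIES;   // simulate one notary not answering

console.log(evaluate(NOTARIES, "aa:11", TODAY));  // key every notary sees
console.log(evaluate(NOTARIES, "ee:99", TODAY));  // key only this client was offered
console.log(evaluate(three, "aa:11", TODAY));     // fewer than four vantage points
```

A key that only the local client is offered gets no votes, so the warning page stays in place; a self-signed key that every notary has seen for weeks clears the quorum.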

Comments

Better than nothing!

Surely self-signed certificates are better than no encryption at all..
Problem with all this malarkey is it makes self-certs seem WORSE, which is clearly wrong.
posted by : Jim, 03 September 2008

Already reported!

Once again, the INQ publishes an already boring story twice!

http://www.theinquirer.net/gb/inquirer/news/2008/08/28/firefox-gets-better-site-id
posted by : Louis, 03 September 2008

school!

I have to punch around Firefox for University of Texas site. They appear to have a self-signed certificate.
posted by : Markus, 03 September 2008