- Jan 7, 2011
- 1,362
Certificate Patrol
What it does?
When you visit a https encrypted page it will download and store the information available on the certificate used on the server. If in the future the certificate changes, you will get a warning stating this fact and the reason why the certificate changed.
Why I need this?
You probably remember a recent story about forged certificates. An attacker was able to obtain forged certificates for high profile sites like Google and Microsoft. These forged certificates combined with a man-in-the-middle attack (for example) could result in making you think you are accessing a legit site, using a secure connection while in fact this is not true. Such certificates do get revoked (they are no longer valid) but the revocation process takes time. With this plugin you will be warned that the certificate has changed and unless there is a legitimate reason for this change to happen (the old certificate expired, for example) you have a reason to be suspicious.
What it does?
When you visit a https encrypted page it will download and store the information available on the certificate used on the server. If in the future the certificate changes, you will get a warning stating this fact and the reason why the certificate changed.
Why I need this?
You probably remember a recent story about forged certificates. An attacker was able to obtain forged certificates for high profile sites like Google and Microsoft. These forged certificates combined with a man-in-the-middle attack (for example) could result in making you think you are accessing a legit site, using a secure connection while in fact this is not true. Such certificates do get revoked (they are no longer valid) but the revocation process takes time. With this plugin you will be warned that the certificate has changed and unless there is a legitimate reason for this change to happen (the old certificate expired, for example) you have a reason to be suspicious.