[HTTPS-Everywhere] DANE Patrol 0.2.3 alpha - fork of Certificate Patrol with DANE (RFC 6698) implementation
Ondrej Mikle
ondrej.mikle at nic.cz
Thu Nov 8 03:17:05 PST 2012
Hi,
this is not directly related to HTTPS Everywhere, but I thought it could be of
interest of subscribers.
DANE Patrol is fork of Certificate Patrol with some fixes and features:
- multiple certificates per domain are supported and stored (reduces
"certificate changed" warnings)
- if DANE TLSA record matches for a site, warnings are suppressed and
certificate is accepted
- matching DANE TLSA record with certificate usage 2 or 3 can override
"certificate is not trusted" page (turned on by default, can be disabled in
preferences)
- fetching DANE TLSA records can be turned off for people who don't like NPAPI
plugins (NPAPI plugin is required for DNS TLSA requests), in such case the addon
will act as Certificate Patrol with multi-cert-per-site support
Download for Linux/Mac (i686 and x86_64) including source git repo can be found
here (click "English" on top if you don't get EN page):
https://labs.nic.cz/page/1207/dane-patrol/
It's alpha, so expect bugs :-)
Ondrej
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: OpenPGP digital signature
URL: <http://lists.eff.org/pipermail/https-everywhere/attachments/20121108/4cc8179e/attachment.sig>
More information about the HTTPS-everywhere
mailing list