A few people have written in regarding the Firefox plugin SSL Blocklist The tool has been around for a while, but they have added the ability to detect MD5 signed certificates and block access. It might be a nice addition to the arsenal. Whilst the address bars in FF and IE do seem to turn green when the site has a SHA signed cert (at least it did for the sites I tested), this might be a bit more obvious. You only get the padlock when the site is MD5 signed. Mark H |
Mark 392 Posts ISC Handler Jan 2nd 2009 |
Thread locked Subscribe |
Jan 2nd 2009 1 decade ago |
The green doesn't necessarily mean it uses sha1 for hashing the signature, it just means it is an "extended valiadation" cert, though for the money it probably is sha1.
http://en.wikipedia.org/wiki/Extended_Validation_Certificate |
Anonymous |
Quote |
Jan 3rd 2009 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!