-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 20.02.2014 06:39, grarpamp wrote: >> I set up a measurement to check the SSL Certificate of >> torproject.org from as many countries as > > Presumably that the cert SHA1 fingerprint or binary diff is being > checked, not just that a cert having the same CN is present and > signed by some CA/issuer that may be subverted all the way back to > the root certs in use. > Yes, the measurement downloads the entire certificate and checks if it differs at any point, not just if the CN or CA is identical. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQJ8BAEBCgBmBQJTBdm1XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4NEM0ODA5N0EzQUY3RDU1MTg5QTc3QUMx NjlGOTYyNDM0MDg4MjVFAAoJEBafliQ0CIJePGoP/1+7BjzDpEQyMtUeMASyU7H3 tpQTAYTfHKCgQMRuXvWYscKB7IcJMsifJ+UQz+Rqj/OYd6WnglIisrTI0G+6WVOB ya77q+aJtg8mzfP0E5F7T2kvGx34E9XmZM4JN4s2CvYEg2PCcaxNy0SCuxNoTYpr Kgk1M5o9o1a5SCSYFMDNbggeS9QbkIi7RD9MsiKd43YZPwaHe3WqljaZobVukwVf owzXiyNOXhWnjVLxERm+2MFmQYwkCWPZZ9150YbW1GkMH376L9UkOQ/dpw3hdDi2 dDPg4qLGBxYlAFj+Fbg0eDqSd+82Lz7x/VXKAY5wZlzUK7fEDmZaq+cFTQTVfl9u mpr8wKCzm9DG8Q6XyNji23apEDomqLAJrg8boa81M+zrRez16BY0fhumf1XjJeKC XSgseLKnUpdVoRCGd20bvQ/NqajFvZcBCsFgZKeZJqz/WVwR3dGvwDFio3LfLQab TofQeuJVZBOm3q6+kwSsWlg22wJHZMLTYsDqIiSvZq06PGsdFiTr7rWPRTcEhhtf UymsgYiXs0ICvNJ6+HItm/wD/5EvaYCX694gVGXFrclsWL1kuVMg++4BGxj9P7rW DSWrg3CXxSusKHpEVKqWV64d8Vc+x/0rnGJMAFyJ0aNdxOly6lJ1Nq7wP0hJG/4C AXf8nI1MTr/0zNY6LeDq =PfPZ -----END PGP SIGNATURE----- -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
