Discussion in 'privacy technology' started by Minimalist, Jul 2, 2017.
I'm glad to see the new post by MG on his blog which has been quiet for some time.
My RSS feed to his website still does not work.
If people used their public key finger print more it might help. For example if I used it as my SIG on my forum posts anyone could compare that with a public key someone claiming to be me sent them.
Websites could have a second domain name, their cert fingerprint.com. They could publish both URLs anywhere including their site and on printed literature, business cards etc. The security conscious could use the secure url. A browser addon could easily verify that the site cert matches the fingerprint URL prior to TLS negotiation.
Separate names with a comma.