SSL Blacklist – Firefox Plugin Detects Bad Certificates
January 2, 2009 – 11:51 AMThis Firefox plugin was first created back during the Debian/OpenSSL scare about 6 months ago where the key pairs that were generated from an affected machine were easily guessable. Marton Anka created this plugin to help users find these bad certificates:
On 12/31/2008, Marton updated this plugin to detect the vulnerable MD5 based certificates that were recently exploited:
You can find this Plugin and any additional information at the website:
One Response to “SSL Blacklist – Firefox Plugin Detects Bad Certificates”
It’s a real shame that the main site is down, as I have a comment to make about the plugin… it detects dual-signed certs (md5 and sha1) as weak, but firefox should spot the sha1 signature as best and just use it.
By Martyn Ranyard on Jun 18, 2009