An interesting (though, it seems to me, does not fly) project from PSYC authors:
https://secushare.orgReturning to the subject of manual certificate pinning.
I did not find anything ready and really working, nor in Android, not in the big blind.
I start to feel paranoid.
Because the problem is widespread, the lack of mass solutions beneficial scoundrels and security services, and this decision, at least partially, no longer appears.
Those. Now you want to check a certificate chain - click the mouse several times, comparing the settings to the previously recorded somewhere.
Manage certificates in browsers missing. API - the problem (
Here, for example, have merged this question mozilschiki; Thanks at least that read information about certificates allowed ...)
Google has begun to implement HTTP Public Key Pinning (HPKP), in the middle of this concept has refused. Now deploys more zamorochenny Certificate Transparency ...
In the course of excavations ever come across corpses of different projects ...
In general, here and does not want to, but suspect that someone with long arms strangling privacy.
Here is a miracle found from the curious:
https://checmyhttps.netCrutches (in three languages, by the way), designed to address, as I understand it, problems with imperfect API browsers.
Awaken creative thought.
Post has been editedfox_nyxem - 20.11.18, 19:02