You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As part of the connection process, we should create a tls connection and record if the certificate is signed by a trusted CA or not. The user should be able to provide custom urls since the common names (like google) are probably whitelisted.
In addition, we could record those certificates and submit them to certificate transparency or save them for later if certificate transparency can not be reached from that network (which would be likely in case of an attack that severe).
We could also accept a config that pins certificates for some domains and alerts if those pins are violated.
This feature should be standalone, so the recorder can be used without depending on snaild as a network manager.
The text was updated successfully, but these errors were encountered:
As part of the connection process, we should create a tls connection and record if the certificate is signed by a trusted CA or not. The user should be able to provide custom urls since the common names (like google) are probably whitelisted.
In addition, we could record those certificates and submit them to certificate transparency or save them for later if certificate transparency can not be reached from that network (which would be likely in case of an attack that severe).
We could also accept a config that pins certificates for some domains and alerts if those pins are violated.
This feature should be standalone, so the recorder can be used without depending on snaild as a network manager.
The text was updated successfully, but these errors were encountered: