and not a single Tor hacker was surprised...
katana
katana at riseup.net
Wed Jan 22 09:47:12 PST 2014
Hi,
> About this. Is there a way to serve 2 (or more) certificates for a
> given HTTPS server/domain? What I would like to have is a way to: -
> serve a proper, vanilla SSL certificate bought from some provider for
> the general public accessing my service; - serve a different cert
> (for example, using MonkeySphere) for those that do not trust (and
> with good reasons) major CA's.
>
> This would have to work for the *same* domain on the *same*
> webserver. I haven't yet seen a way to do this, so this might need
> implementing, but maybe somebody here has heard about something along
> these lines?
Like the Soveraign or TACKed keys perhaps?
<https://www.eff.org/deeplinks/2011/11/sovereign-keys-proposal-make-https-and-email-more-secure>
<http://arstechnica.com/security/2012/05/ssl-fix-flags-forged-certificates-before-theyre-accepted-by-browsers/>
--
Katana
More information about the cypherpunks
mailing list