Skip to content
/ check-ssl Public

chrome extension that checks security of SSL hashing algorithm used on current site

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

danigrant/check-ssl

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
README.md
README.md
 
 
app.js
app.js
 
 
background.js
background.js
 
 
icon.png
icon.png
 
 
manifest.json
manifest.json
 
 

Repository files navigation

#Check SSL Chrome Extension Checks if websites have weak SHA-1 SSL certificates. Built at HackMIT as an extension to this open source project. Available on Chrome Web Store for download.

A recent blog post from Google exposes most of the web (including Google itself) using proven-to-be-spoofable SHA-1 hashes for SSL. The blog post warns that Google will start indicating to its Chrome users when they're on a site with an unreliable SSL cert in 2016 - that's in two years. Web users have the right to information transparency about the sites they're on now.

The extension checks the current site's SSL certificate and lets the user know if the hashing is "good" (like SHA-2), "almost" (if the cert is old but the intermediate certificates are good) or "bad" (like SHA-1).

Future versions will include a simple UI for users to learn more about the app and SSL. This no explanation approach is a bit cryptic.

About

chrome extension that checks security of SSL hashing algorithm used on current site

Resources

Readme
Activity

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages