Perspectives Perspectives is a Firefox extension that improves SSH-style host authentication with multi-path network probing.
Download

Perspectives Ranking & Summary

Perspectives Tags

Firefox extension authentication host ssh host authentication network probing

Perspectives Description

Perspectives is a Firefox extension that improves SSH-style host authentication with multi-path network probing. Perspectives is a Firefox extension that improves SSH-style host authentication with multi-path network probing.Perspectives is a new approach to help clients securely identify Internet servers in order to avoid "man-in-the-middle" attacks. Perspectives is simple and cheap compared to existing approaches because it automatically builds a robust database of network identities using lightweight network probing by "network notaries" located in multiple vantage points across the Internet.Contribute: If you would like to contribute to this project by writing code, running a notary, designing GUI's, or writing documentation please email us. We soon hope to soon have a page for facilitating such contributions.When you use a secure protocol like SSL or SSH to communicate on the Internet, your communication is vulnerable to a "man-in-the-middle" attack unless you are able to identify the remote server in a secure manner. One way to do this is to have the server participate in a "Public Key Infrastructure" (PKI) and buy a certificate from a certificate authority like VeriSign.Unfortunately, PKI's can be expensive and cumbersome to operate, leading to widespread use of a simple and cheap "Trust-on-first-use" mechanism commonly associated with SSH and HTTPS with self-signed certificates. Unfortunately, this comes at the cost of security.Few users bother to verify the correctness of the key manually (hey, we're lazy by nature!), but Perspectives provides a simple "no effort" way to get significantly more information about whether a key is correct for that destination. A client can automatically make a secure connection to one of several publicly available "network notary servers" located around the world. These servers tell the client:1. What key does the server see for host.domain.com right now?2. What keys has the server seen in the past for host.domain.com ?The replies from the network notaries can go a long way toward either providing the user with confidence that the key it received is valid, or that a real threat of a "man in the middle" attack exists.The end result is that instead of having applications issue bland warnings, which users often ignore, the application can either skip the warning if notary data indicates the the key is valid, or give a very stern warning in the rare cases when an attack appears to be in progress.Requirements:· Firefox 2.0 - 3.0.*What's New in This Release:· We have released an experimental 64-bit Linux version of Perspectives.

Perspectives Related Software