Perspective [1], a free add-on for Mozilla Firefox 3.0 has been released. Developed at the Carnegie-Mellon University's School of Computer Science and College of Engineering, it works by transparently referencing a site with intermediate nodes called "notaries" around the Net. The current site's digital certificate is then compared against what has been previously spotted by the notary.
Its purpose is to defend against spoofed sites, as well as possibly protecting against recently disclosed flaws in the DNS. This is particularly useful, since many sites install cheaper self-signed certificates that bypasses certificate authorities. If no match is found, the browser will display a warning to the web surfer that the site is suspicious. Michael Kassner at TechRepublic has done an excellent write-up explaining the inner workings of Perspective; check it out here [2].
For more on the notary system:
- check out this Ars Technica article [3]
Links:
[1] http://www.cs.cmu.edu/%7Eperspectives/firefox.html
[2] http://blogs.techrepublic.com.com/networking/?p=644
[3] http://arstechnica.com/news.ars/post/20080826-network-notary-system-thwarts-man-in-the-middle-attacks.html