by throwaway0x00ff 2075 days ago
> a SSL connection is transient and you can't replay it to show that Google's certificate digitally signed that email in GMail.

Actually, there is the TLSNotary[1] protocol that allows you to use the https connection as a means to sign the web content your browser received. There is the PageSigner browser extension that uses TLSNotary to sign webpages.

However, it seems like this project wasn't given a lot of love these last few years. Good news is version 2.0 has been released just a week ago[2], with support for TLS 1.2, but with a major drawback for me: it now trusts a server generating the TLS keys for the notarized page. Sure, it's an "oracle" server not controlled by PageSigner but still operated by Amazon.

[1] https://tlsnotary.org/

[2] https://tlsnotary.org/wp/?p=45