X-Git-Url: https://gitweb.stoutner.com/?a=blobdiff_plain;f=app%2Fsrc%2Fmain%2Fassets%2Fen%2Fguide_ssl_certificates_dark.html;fp=app%2Fsrc%2Fmain%2Fassets%2Fen%2Fguide_ssl_certificates_dark.html;h=0000000000000000000000000000000000000000;hb=39380e8e8bdb3b9e29569a263277c9c3112b44ac;hp=52dfccd516415fe8bca1725f054c07a271e12457;hpb=86e63c8ed007311ab392d4beb7dd7ba64b9c3c70;p=PrivacyBrowserAndroid.git diff --git a/app/src/main/assets/en/guide_ssl_certificates_dark.html b/app/src/main/assets/en/guide_ssl_certificates_dark.html deleted file mode 100644 index 52dfccd5..00000000 --- a/app/src/main/assets/en/guide_ssl_certificates_dark.html +++ /dev/null @@ -1,53 +0,0 @@ - - - - - - - - - - -

Connect with Confidence

- -

When visiting an encrypted URL (one that begins with HTTPS), the webserver uses an SSL certificate to both encrypt the information sent to the browser and to identify the server. - The purpose of the server identification is to prevent a machine located between the browser and the webserver from pretending to be the server and decrypting the information in transit. - This type of attack is known as a Man In The Middle (MITM) attack. - SSL certificates are generated by certificate authorities: companies that verify a server’s identity and produce a certificate for a fee. - Android has a list of trusted certificate authorities, and will accept any of their certificates for any website. - It isn’t supposed to be possible for an organization to acquire an SSL certificate for a domain they do not control, - but in practice many governments and large corporations have been able to do so.

- -

Pinning an SSL certificate tells the browser that only one specific SSL certificate is to be trusted for a particular domain. Any other certificate, even if it is valid, will be rejected.

- -

- -

SSL certificates expire on a specified date, so even pinned SSL certificates will legitimately need to be updated from time to time. - As a general rule, pinning SSL certificates probably isn’t needed in the majority of cases. - But for those who suspect that powerful organizations may be targeting them, SSL certificate pinning can detect and thwart a MITM attack. - Privacy Browser also has the ability to pin IP addresses.

- -

- -

SSL certificates can be pinned in Domain Settings. - Besides protecting against MITM attacks, - pinning a self-signed certificate for a device like a wireless router or access point will remove the error message that is normally presented every time its website is loaded. - Tapping on the active tab displays the current website SSL certificate.

- - \ No newline at end of file