Diffstat (limited to 'man/man7/thumbprint.html')
-rw-r--r-- man/man7/thumbprint.html 68
1 files changed, 68 insertions, 0 deletions
diff --git a/man/man7/thumbprint.html b/man/man7/thumbprint.html
new file mode 100644
index 00000000..eccbe595
--- /dev/null
+++ b/man/man7/thumbprint.html
@@ -0,0 +1,68 @@
+<head>
+<title>thumbprint(7) - Plan 9 from User Space</title>
+<meta content="text/html; charset=utf-8" http-equiv=Content-Type>
+</head>
+<body bgcolor=#ffffff>
+<table border=0 cellpadding=0 cellspacing=0 width=100%>
+<tr height=10><td>
+<tr><td width=20><td>
+<tr><td width=20><td><b>THUMBPRINT(7)</b><td align=right><b>THUMBPRINT(7)</b>
+<tr><td width=20><td colspan=2>
+ <br>
+<p><font size=+1><b>NAME </b></font><br>
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=2><td><tr><td width=20><td>
+
+ thumbprint &ndash; public key thumbprints<br>
+
+</table>
+<p><font size=+1><b>DESCRIPTION </b></font><br>
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=2><td><tr><td width=20><td>
+
+ Applications in Plan 9 that use public keys for authentication,
+ for example by calling <tt><font size=+1>tlsClient</font></tt> and <tt><font size=+1>okThumbprint</font></tt> (see <a href="../man3/pushtls.html"><i>pushtls</i>(3)</a>),
+ check the remote side&#8217;s public key by comparing against thumbprints
+ from a trusted list. The list is maintained by people who set
+ local policies about which servers can be trusted
+ for which applications, thereby playing the role taken by certificate
+ authorities in PKI-based systems. By convention, these lists are
+ stored as files in <tt><font size=+1>/sys/lib/tls/</font></tt> and protected by normal file
+ system permissions.
+ <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+
+ Such a thumbprint file comprises lines made up of attribute/value
+ pairs of the form <i>attr</i><tt><font size=+1>=</font></tt><i>value</i> or <i>attr</i>. The first attribute must
+ be <tt><font size=+1>x509</font></tt> and the second must be <tt><font size=+1>sha1=</font></tt><i>{hex</i><tt><font size=+1>checksum</font></tt><i>of</i><tt><font size=+1>binary</font></tt><i>certificate}.</i>
+ All other attributes are treated as comments. The file may also
+ contain lines of the form <tt><font size=+1>#include</font></tt><i>file
+ <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+ </i>
+ For example, a web server might have thumbprint<br>
+ <tt><font size=+1>x509 sha1=8fe472d31b360a8303cd29f92bd734813cbd923c cn=*.cs.bell&#8722;labs.com<br>
+ </font></tt>
+</table>
+<p><font size=+1><b>SEE ALSO </b></font><br>
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=2><td><tr><td width=20><td>
+
+ <a href="../man3/pushtls.html"><i>pushtls</i>(3)</a><br>
+
+</table>
+
+<td width=20>
+<tr height=20><td>
+</table>
+<!-- TRAILER -->
+<table border=0 cellpadding=0 cellspacing=0 width=100%>
+<tr height=15><td width=10><td><td width=10>
+<tr><td><td>
+<center>
+<a href="../../"><img src="../../dist/spaceglenda100.png" alt="Space Glenda" border=1></a>
+</center>
+</table>
+<!-- TRAILER -->
+</body></html>
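Review bot: In the DESCRIPTION paragraph on the file format, the `#include` sentence is unterminated and its markup is misnested: `<i>file` opens before the spacer `<table>` and `</i>` only closes after it, so the italic span wraps a table, there is no space between `#include` and `file`, and the sentence has no full stop. Close the `<i>` directly after `file` and end the sentence there. In the same paragraph the `sha1=` placeholder is built from alternating `<tt>`/`<i>` runs with no spaces between them, so it renders as `{hexchecksumofbinarycertificate}`; a single `<i>{hex checksum of binary certificate}</i>` would read correctly. It would also help to reconcile the wording: NAME and the first paragraph speak of public key thumbprints, while the format hashes the whole binary certificate, so a reissued certificate with the same key gets a different thumbprint. And since the text says all other attributes are treated as comments, the `cn=` in the example is informational only, which is worth stating next to the example.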