From 78e51a8c6678b6e3dff3d619aa786669f531f4bc Mon Sep 17 00:00:00 2001
From: rsc <devnull@localhost>
Date: Fri, 14 Jan 2005 03:45:44 +0000
Subject: checkpoint

---
 man/man7/thumbprint.html | 68 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 68 insertions(+)
 create mode 100644 man/man7/thumbprint.html

(limited to 'man/man7/thumbprint.html')

diff --git a/man/man7/thumbprint.html b/man/man7/thumbprint.html
new file mode 100644
index 00000000..eccbe595
--- /dev/null
+++ b/man/man7/thumbprint.html
@@ -0,0 +1,68 @@
+<head>
+<title>thumbprint(7) - Plan 9 from User Space</title>
+<meta content="text/html; charset=utf-8" http-equiv=Content-Type>
+</head>
+<body bgcolor=#ffffff>
+<table border=0 cellpadding=0 cellspacing=0 width=100%>
+<tr height=10><td>
+<tr><td width=20><td>
+<tr><td width=20><td><b>THUMBPRINT(7)</b><td align=right><b>THUMBPRINT(7)</b>
+<tr><td width=20><td colspan=2>
+    <br>
+<p><font size=+1><b>NAME     </b></font><br>
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=2><td><tr><td width=20><td>
+
+    thumbprint &ndash; public key thumbprints<br>
+    
+</table>
+<p><font size=+1><b>DESCRIPTION     </b></font><br>
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=2><td><tr><td width=20><td>
+
+    Applications in Plan 9 that use public keys for authentication,
+    for example by calling <tt><font size=+1>tlsClient</font></tt> and <tt><font size=+1>okThumbprint</font></tt> (see <a href="../man3/pushtls.html"><i>pushtls</i>(3)</a>),
+    check the remote side&#8217;s public key by comparing against thumbprints
+    from a trusted list. The list is maintained by people who set
+    local policies about which servers can be trusted
+    for which applications, thereby playing the role taken by certificate
+    authorities in PKI-based systems. By convention, these lists are
+    stored as files in <tt><font size=+1>/sys/lib/tls/</font></tt> and protected by normal file
+    system permissions. 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    
+    Such a thumbprint file comprises lines made up of attribute/value
+    pairs of the form <i>attr</i><tt><font size=+1>=</font></tt><i>value</i> or <i>attr</i>. The first attribute must
+    be <tt><font size=+1>x509</font></tt> and the second must be <tt><font size=+1>sha1=</font></tt><i>{hex</i><tt><font size=+1>checksum</font></tt><i>of</i><tt><font size=+1>binary</font></tt><i>certificate}.</i>
+    All other attributes are treated as comments. The file may also
+    contain lines of the form <tt><font size=+1>#include</font></tt><i>file 
+    <table border=0 cellpadding=0 cellspacing=0><tr height=5><td></table>
+    </i>
+    For example, a web server might have thumbprint<br>
+    <tt><font size=+1>x509 sha1=8fe472d31b360a8303cd29f92bd734813cbd923c cn=*.cs.bell&#8722;labs.com<br>
+    </font></tt>
+</table>
+<p><font size=+1><b>SEE ALSO     </b></font><br>
+
+<table border=0 cellpadding=0 cellspacing=0><tr height=2><td><tr><td width=20><td>
+
+    <a href="../man3/pushtls.html"><i>pushtls</i>(3)</a><br>
+    
+</table>
+
+<td width=20>
+<tr height=20><td>
+</table>
+<!-- TRAILER -->
+<table border=0 cellpadding=0 cellspacing=0 width=100%>
+<tr height=15><td width=10><td><td width=10>
+<tr><td><td>
+<center>
+<a href="../../"><img src="../../dist/spaceglenda100.png" alt="Space Glenda" border=1></a>
+</center>
+</table>
+<!-- TRAILER -->
+</body></html>
-- 
cgit v1.2.3