[TriLUG] Semi-OT: Detecting HTTPS inspection? Does that compromise SSH?

[Alan Porter]

> One solution to this is to pin certificates. Basically, your browser 
> will
> cache the certificate, or rather its fingerprint, and if that changes 
> will
> notify you

There is a plugin called "Certificate Patrol" that is supposed to do 
this.

I installed this plugin at work right before Oracle acquired my 
company,
thinking that it would tell me if Oracle IT was playing MITM.  However,
all of the tests that I ran using my own domains and my own CA's were
inconclusive... it never warned me when I changed my own certificates.

Alan