[tor-talk] How evil is TLS cert collection?

[grarpamp]

> But, if the EFF runs an exit enclave at observatory.eff.org, shouldn't

Always thought it would be useful to have a third party service
where you could feed it a cert's sha1 fingerprint and it would
return 0 or 1 if it felt that fp was legit.
Many people have only one supposedly 'clear' view of the net
from which to see. Tor exits certainly cannot be trusted to
have a taint free view. And verification with CA issuer/subject
is a pain. Call it a looking glass without guarantee.