Chromium, but more secure. It is even better when paired with this extension.
When the channel is secure:
When a man-in-the-middle tampers with the channel:
What an eavesdropper at the application layer would see during a request:
What an eavesdropper at the application layer would see during a response:
- Client to Origin Server Confidentiality & Integrity
- Origin Server to Client Confidentiality, Integrity & Authenticity
- Add logic and visuals for failing checks
- Change names from "Integrity Guard" to "Secure Channel"
- Retrieve key and enrollment information from public key server
- Cache retrieved public keys
- Add encryption for request body
- Add AEAD for response body
- Check integrity of request (e.g. prepend order number + hash of request header + body inside plaintext & check on server side)