glenda.party
term% ls -F
term% cat index.txt
THUMBPRINT(6)                    Games Manual                    THUMBPRINT(6)



NAME
       thumbprint - public key thumbprints

DESCRIPTION
       Applications in Plan 9 that use public keys for authentication, for ex‐
       ample by calling tlsClient and okThumbprint (see pushtls(2)), check the
       remote  side's  public  key  by  comparing  against  thumbprints from a
       trusted list.  The list is maintained by people who set local  policies
       about  which  servers  can  be  trusted for which applications, thereby
       playing the role taken by certificate authorities in PKI-based systems.
       By  convention,  these  lists  are stored as files in /sys/lib/tls/ and
       protected by normal file system permissions.

       Such a thumbprint file comprises lines made up of attribute/value pairs
       of  the  form attr=value or attr.  The first attribute must be x509 and
       the second must be  sha1={hexchecksumofbinarycertificate}.   All  other
       attributes are treated as comments.  The file may also contain lines of
       the form #includefile

       For example, a web server might have thumbprint
       x509 sha1=8fe472d31b360a8303cd29f92bd734813cbd923c cn=*.cs.bell-labs.com

SEE ALSO
       pushtls(2)



                                                                 THUMBPRINT(6)