You know when a browser communicates with a server over SSL, in the SSL handshake you get a certificate from the server which is vouched by a Certificate Authority. That means for secure communication to exist one has to solely trust the CA to ensure secure communication. It is a known fact that these CAs can't be trusted, so i need an extra check on the client side to confirm if its the actual certificate and the true identity from the server its coming from. This is what i set out to do.
They've been some solutions to this such as petname and co using browser extensions. Because i want to give my project a kind of novelty and meaning i want to use an Applet instead basically because it can work on different platforms and "they say Applet are faster than add ons which i don't know yet" so that i can do a performance analysis. Please, can you guide me in achieving this??
My Applet will operate locally, probably by looking into the browser's certificate store and do this security check with java codes. I just need help on how to go about this. Thanks.
Another thing is, is there any way i can get this certificate before hand so that a client won't be forced to accept these bogus certificates.