PageSigner PageSigner

One-click website auditing.

PageSigner allows you to "notarize" web pages. Think of it as a cryptographically secure webpage screenshot - it's different from an ordinary screenshot in that it can't be edited in Photoshop; it really proves that you received that data from the server. You can then share that proof with anyone you like.

Quick start video

How it works

PageSigner is based on TLSNotary, as described on the main page of this website.

PageSigner can be thought of as an extra layer on top of TLSNotary which makes it both more useable and more powerful. Some key points:

  • You don't send your data to the PageSigner server, not even in encrypted form.
  • The PageSigner server doesn't man-in-the-middle your connection in any way.
  • The PageSigner server signs some cryptographic data after you've finished accessing the webpage.
  • After receiving the notarized proof, you can pass it onto others as a file.
The description so far might seem a bit fantastical, but this is a consequence of how TLSNotary, the underlying technology, works. A little bit more explanation can be found in this blog post, and the technical nitty-gritty is in the whitepaper linked at the top of the page.

Can I trust the PageSigner server?

A lot more than you think. The server made available provably runs the code found here, and the Firefox extension checks the validity of the "oracle" machine in real time to ensure this. This "oracle" code is run on an Amazon AWS instance. The only possible way that the oracle could be "lying" is if some very serious breach of trust were to occur at Amazon itself. Others could run this open source code; servers can be run anywhere. Just as important, the server is not trusted with any encrypted or unencrypted data and thus has nothing of value to hackers. The server is not keeping track of sessions (provably). The only information that ever resides on the oracle is the public key of websites that are being notarized. Additionally, the signing key used for making notarization signatures is kept on a separate server on AWS using the same oracle model.

Note, specifically, that this oracle server defends against collusion between a server operator and a person trying to create a fake notarization - there is no one to bribe to get a false notarization.

As explained in the walkthrough video, to get started you only have to install the Firefox extension and then click the button to notarize any https page. The output is a file, with extension .pgsg. You can see a couple of examples hosted on the site here.

What websites does PageSigner work with?

You can only notarize pages if the url starts with https:// (and you see a green or grey padlock, i.e. the site must be trusted by your browser). However, that's not the only restriction. We have found in testing that 95+% of sites will accept TLSNotary connections and deliver a response. But of those, only perhaps 80% will result in a useful audit. This is mostly because some sites deliver their content in a particular dynamic way that means the exact data you see on the webpage is not reproduced when reloaded by PageSigner. For this reason, don't make decisions on the assumption that a page can be notarized by PageSigner - always test it first.

Support Development