One-click website auditing.
PageSigner allows you to "notarize" web pages. Think of it as a cryptographically secure webpage screenshot - it's different from an ordinary screenshot in that it can't be edited in Photoshop; it really proves that you received that data from the server. You can then share that proof with anyone you like.
UPDATE October 2020. Please be aware that PageSigner 2.0 no longer follows the TLSNotary protocol. Read more https://tlsnotary.org/wp/?p=45
PageSigner is based on TLSNotary, as described on the main page of this website.
PageSigner can be thought of as an extra layer on top of TLSNotary which makes it both more useable and more powerful. Some key points:
A lot more than you think. The server made available provably runs the code found here, and the Firefox extension checks the validity of the "oracle" machine in real time to ensure this. This "oracle" code is run on an Amazon AWS instance. The only possible way that the oracle could be "lying" is if some very serious breach of trust were to occur at Amazon itself. Others could run this open source code; servers can be run anywhere. Just as important, the server is not trusted with any encrypted or unencrypted data and thus has nothing of value to hackers. The server is not keeping track of sessions (provably). The only information that ever resides on the oracle is the public key of websites that are being notarized. Additionally, the signing key used for making notarization signatures is kept on a separate server on AWS using the same oracle model.
Note, specifically, that this oracle server defends against collusion between a server operator and a person trying to create a fake notarization - there is no one to bribe to get a false notarization.
As explained in the walkthrough video, to get started you only have to install the Firefox extension and then click the button to notarize any https page. The output is a file, with extension .pgsg. You can see a couple of examples hosted on the site here.
You can only notarize pages if the url starts with https:// (and you see a green or grey padlock, i.e. the site must be trusted by your browser). However, that's not the only restriction. We have found in testing that 95+% of sites will accept TLSNotary connections and deliver a response. But of those, only perhaps 80% will result in a useful audit. This is mostly because some sites deliver their content in a particular dynamic way that means the exact data you see on the webpage is not reproduced when reloaded by PageSigner. For this reason, don't make decisions on the assumption that a page can be notarized by PageSigner - always test it first.