Instead of drawing on a URL checking database, the Perspectives plug-in verifies the site’s certificate with at least four notary servers on the Internet. These servers verify the certificate and, perhaps more importantly, compare the certificate with what certificate data the site previously offered.
This allows the plug-in to identify those Web sites which have been hacked into and whose pages have been replaced, as well as situations where a hacker has intercepted a users public access WiFi session and is re-routing their URL calls for malicious purposes - a process known as a man-in-the-middle attack.
The problem of site certificates has been complicated in recent times by the fact that, although most site certificates are third-party verified, a growing number now self-certify, making a meaningful analysis of the sites’ veracity almost impossible.
The process of site security certificate validation can be carried out manually by users, using pop-ups and third-party sites, but few Firefox users are capable of such complex checks, which is why the University research team says it developed the Perspectives plug-in.
University researchers say that their plug-in will automatically override the Firefox 3 security error page without scaring the user if the site appears legitimate.
If Perspectives receives anything less than a majority opinion from the polled notary servers, the software shows a warning page that reads: "Suspected attack: Perspectives was unable to verify the security of your connection to this Web site."
http://www.cs.cmu.edu/~perspectives/index.html