Canonical Wikileaks URLs and SSL certificate fingerprints.

Jul 31, 2010

Official Wikileaks document submission URLs:

https://sunshinepress.org/
http://suw74isz7wqzpmgu.onion/ (Tor only)

Source: /pictures/the_next_hope-2010/img_1624.jpg, taken 17 July 2010 at the keynote address. Image taken of Jacob Appelbaum's presentation slide.

Official SHA-256, SHA-1, and MD5 fingerprints of the Wikileaks document submission URLs:

SHA-256:
85:C3:77:8E:7F:BC:96:42:CF:EE:03:B0:AC:4A:2A:26:
15:18:CB:50:41:EC:7A:2A:CC:9F:56:60:67:94:04:7E

SHA-1:
68:C3:4B:3D:05:7A:53:E3:8C:FE:
71:F1:30:3D:8A:AD:8E:33:0A:76

MD5:
4B:6F:6A:D8:A2:29:7F:06:F3:4F:33:EE:74:32:1C:F8

Source: /pictures/the_next_hope-2010/img_1626.jpg, taken 17 July 2010 at the keynote address. Image taken of Jacob Appelbaum's presentation slide.

While I do not condone the leaking of documents, if one is inclined to do so for any reason it is imperative that you verify the cryptographic hashes of the SSL certificate presented to you by the Wikileaks document submission site. If they do not match do not continue the submission process, it likely means that someone is attempting a man-in-the-middle attack against you.