
[tor-bugs] #20461 [Applications/Tor Browser]: Ship “static cache” of intermediate CAs



#20461: Ship “static cache” of intermediate CAs
------------------------------------------+----------------------
     Reporter:  nicoo                     |      Owner:  tbb-team
         Type:  enhancement               |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:
Actual Points:                            |  Parent ID:
       Points:                            |   Reviewer:
      Sponsor:                            |
------------------------------------------+----------------------
 TBB produces certificate validation errors on incomplete certificate
 chains, which may “somewhat work” on other browsers due to intermediary
 CAs being present in caches.

 This is problematic, as this leads users to expect certificate errors on
 certain sites and simply click-through, effectively teaching them terrible
 security practices.

 We could ship, with TBB, a builtin list of “cached” intermediate CAs that
 are prevalent among misconfigured servers. This data can be obtained from
 TLS Observatory's data, according to ulfr.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20461>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
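The failure described in the ticket and the effect of the proposed list, as an added example (not Tor Browser code and not part of the original ticket). It is a simplified path builder that matches issuer to subject by name only and performs no signature, validity or constraint checks; the `Cert` type, `build_path` and every certificate name are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str


def build_path(leaf, sent, roots, static_cache=()):
    """Return the chain [leaf, ..., trusted root], or None if none can be built.

    sent         -- intermediates the server included in its handshake
    static_cache -- intermediates shipped with the client (the ticket's proposal)
    roots        -- trust anchors; the only certificates that confer trust
    """
    # Candidate issuers: server-sent certificates first, then the shipped list.
    candidates = {}
    for cert in list(sent) + list(static_cache):
        candidates.setdefault(cert.subject, cert)
    trusted = {root.subject: root for root in roots}

    path, current, seen = [leaf], leaf, {leaf.subject}
    while True:
        if current.issuer in trusted:
            return path + [trusted[current.issuer]]
        issuer = candidates.get(current.issuer)
        if issuer is None or issuer.subject in seen:
            return None  # missing link, or a loop that never reaches a root
        path.append(issuer)
        seen.add(issuer.subject)
        current = issuer


# Constructed sample certificates.
ROOT = Cert("Example Root CA", "Example Root CA")
INTERMEDIATE = Cert("Example Issuing CA", "Example Root CA")
LEAF = Cert("misconfigured.example", "Example Issuing CA")
UNTRUSTED_CA = Cert("Untrusted CA", "Untrusted CA")
OTHER_LEAF = Cert("other.example", "Untrusted CA")

if __name__ == "__main__":
    # Server sends only its leaf: fails with no cache, succeeds with the list.
    print(build_path(LEAF, [], [ROOT]))
    print(build_path(LEAF, [], [ROOT], static_cache=[INTERMEDIATE]))
    # A listed certificate that chains to no trust anchor still fails.
    print(build_path(OTHER_LEAF, [], [ROOT], static_cache=[UNTRUSTED_CA]))
```

In this model the shipped intermediates only fill gaps in path building: a chain is accepted only if it still ends at one of `roots`.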