[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #19192 [Applications/Tor Browser]: untrust bluecoat CA

Subject: Re: [tor-bugs] #19192 [Applications/Tor Browser]: untrust bluecoat CA
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sat, 04 Mar 2017 03:46:21 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 03 Mar 2017 22:48:42 -0500
In-reply-to: <045.433396b0ad3d0c7f71ec6770c56e99cf@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <045.433396b0ad3d0c7f71ec6770c56e99cf@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#19192: untrust bluecoat CA
--------------------------------------+--------------------------
 Reporter:  mrphs                     |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------
Changes (by cypherpunks):

 * priority:  Very High => Medium
 * severity:  Major => Normal


Comment:

 The Department of Defense has a CA. South Korean government has a CA.
 China has a CA. Why are we trusting them? Though admittedly the DoD PKI is
 not trusted by Firefox, even if it is in the Windows trust store. The CA
 system itself is broken. It's not up to us to fix it by blacklisting
 authorities we dislike.

 The point is that I agree with Yawning and gk. We shouldn't get into the
 "which CAs are evil" game.

 I think this ticket should be closed, myself.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19192#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #21034 [Applications/Tor Browser]: Per site security settings?
Next by Author: Re: [tor-bugs] #21576 [Core Tor/Tor]: Bug: Assertion linked_dir_conn_base failed in connection_ap_handshake_send_begin
Previous by thread: Re: [tor-bugs] #20146 [Applications/Tor Browser]: Firefox bug - (CVE-2016-5284) ESR-45/Tor Browser certificate pinning bypass for addons.mozilla.org and other built-in sites
Next by thread: Re: [tor-bugs] #19192 [Applications/Tor Browser]: untrust bluecoat CA
Index(es):
- Author
- Thread