[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Disabling the warning for self signed certificates in Tor Browser

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Disabling the warning for self signed certificates in Tor Browser
From: Martin Kepplinger <martink@xxxxxxxxx>
Date: Wed, 23 Apr 2014 09:46:44 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 23 Apr 2014 03:56:36 -0400
In-reply-to: <5356120E.9000207@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <534E956A.6020302@xxxxxxx> <5356120E.9000207@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux i686; rv:17.0) Gecko/20131104 Icedove/17.0.10

Am 2014-04-22 08:54, schrieb Georg Koppen:
> antispam06@xxxxxxx:
>> Could Tor Browser kill or minimize the warning triggered by entering a
>> site with a self signed certificate?
> 
> Killing is not a good idea. What do you mean with "minimize"?
> 
> Georg
> 
> 
> 
> 
I've wanted that for browsers too. Don't kill it, but notify
("non-blocking") that you should manually verify a checksum (bonus: just
display the sha1 directly).

You should check a checksum manually either way. Contious web services
post the sha1 of a new certificate (or offer to send it via sms or
whatever) and offer you to check it manually. Although it's signed by
some CA.

Self-signing is not at all less secure, quite often the opposite is true.

I'd *love* a firefox-notification (just like "plugin is missing") that
just reads the sha1 of the certificate in big letters.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Disabling the warning for self signed certificates in Tor Browser
  - From: antispam06
- Re: [tor-talk] Disabling the warning for self signed certificates in Tor Browser
  - From: Georg Koppen

Prev by Author: [tor-talk] Tails on virtual machine.
Next by Author: Re: [tor-talk] US ip address
Previous by thread: Re: [tor-talk] Disabling the warning for self signed certificates in Tor Browser
Next by thread: Re: [tor-talk] Disabling the warning for self signed certificates in Tor Browser
Index(es):
- Author
- Thread