[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] How to pin the SSL certificate for torproject.org?



adrelanos:
> A malicious certificate for torproject.org has been given out at least
> twice by broken certificate authorities. (Comodo, DigiNotar, who is next...)
> 
> To prevent that in future, I'd like to pin the SSL certificate's
> fingerprint. How can that be done? Running an own local CA or is there
> an easier way?
> 
> How to download the SSL public key from torproject.org and sign it with
> a local CA?
> 

Old unsolved thread. This is now answered:

https://sourceforge.net/p/whonix/wiki/Dev_sslcertpinning/
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk