[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #3555 [Applications/Tor Browser]: Pin *.torproject.org's certs in TBB

Subject: Re: [tor-bugs] #3555 [Applications/Tor Browser]: Pin *.torproject.org's certs in TBB
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 07 Oct 2016 06:22:44 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 07 Oct 2016 02:22:57 -0400
In-reply-to: <046.c2ea710aee20fc4b7602ccfbf995f897@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.c2ea710aee20fc4b7602ccfbf995f897@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#3555: Pin *.torproject.org's certs in TBB
--------------------------------------+--------------------------
 Reporter:  tagnaq                    |          Owner:  tbb-team
     Type:  enhancement               |         Status:  reopened
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  tbb-firefox-patch         |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------

Comment (by bugzilla):

 Replying to [comment:30 yawning]:
 > No.  `aus1.torproject.org` is not pinned.  Unless we don't care about
 just the alpha/hardened channels update metadata information.
 Hmm, neverending ticket? (gk doesn't like when closed tickets are reopened
 for regressions)
 Have you read all Mike's comments here?
 This story ended and got upstreamed (yes, the summary is talking about
 something else).
 As you can see, *.tpo was not pinned entirely (despite it's easier), so
 there were reasons to create this special handling. And for your
 "regression" there is #20180.

 But it's good to mention that thoughts discussed in this ticket about
 creating your own pinning infrastructure instead of relying of FF's
 pinsets are worth to be addressed in a new proposal.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3555#comment:32>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #19043 [Core Tor/Tor]: prop224: Implementation of ESTABLISH_INTRO cell
Next by Author: Re: [tor-bugs] #14881 [Core Tor/Tor]: incorrect defaults when producing bandwidth-weights line in directory footer
Previous by thread: Re: [tor-bugs] #19481 [Applications/Tor Browser]: Change app.update.url to point to aus1.tpo
Next by thread: Re: [tor-bugs] #20180 [Internal Services/Tor Sysadmin Team]: Pin public keys for aus1.tpo and cdn.tpo
Index(es):
- Author
- Thread