[tor-bugs] #5154 [EFF-HTTPS Everywhere]: non-Torbutton SSL Observatory + hotel network => lots of cert warnings
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Feb 16 18:38:38 UTC 2012
#5154: non-Torbutton SSL Observatory + hotel network => lots of cert warnings
----------------------------------+-----------------------------------------
Reporter: pde | Owner: pde
Type: defect | Status: new
Priority: normal | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Description changed by pde:
Old description:
> If the user enables the SSL Obseravtory in non-Torbutton mode, and they
> land on a network that MITMs TKS, the browser will render a stream of
> certificate warnings caused by Observatory submissions.
>
> What we should do instead is save up the certs for submission once the
> network stops attacking us.
>
> This can be achieved with
> [https://developer.mozilla.org/en/nsIBadCertListener2
> nsIBadCertListener2].
>
> This is probably blocking the popup for the Observatory for non-Torbutton
> users.
New description:
If the user enables the SSL Obseravtory in non-Torbutton mode, and they
land on a network that MITMs TLS, the browser will render a stream of
certificate warnings caused by Observatory submissions.
What we should do instead is save up the certs for submission once the
network stops attacking us.
This can be achieved with
[https://developer.mozilla.org/en/nsIBadCertListener2
nsIBadCertListener2].
This is probably blocking the popup for the Observatory for non-Torbutton
users.
--
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5154#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list