[tor-bugs] #1676 [Tor bundles/installation]: Audit jabber/XMPP support for pidgin

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Sat May 12 09:33:11 UTC 2012


#1676: Audit jabber/XMPP support for pidgin
--------------------------------------+-------------------------------------
 Reporter:  katmagic                  |          Owner:  ioerror 
     Type:  defect                    |         Status:  assigned
 Priority:  critical                  |      Milestone:          
Component:  Tor bundles/installation  |        Version:          
 Keywords:  pidgin, DNS               |         Parent:  #2918   
   Points:                            |   Actualpoints:          
--------------------------------------+-------------------------------------

Comment(by xnyhps):

 Just wanted to mention that there is a 4th case for GTalk: old-style SSL
 on port 5223 (seems to also work over 443). When connecting there, Google
 always responds with a certificate for talk.google.com, even when it later
 turns out the user was using a GMail-account. So this would currently work
 in both the GAFYD case and the GMail case, and can be done if you want to
 avoid patching Pidgin.

 (Old-style SSL also means the domain a user wishes to use is not
 transmitted in plain text, contrary to the case of STARTTLS, but I'm not
 sure if this is really something for you to be concerned about.)

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/1676#comment:43>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list