[tor-bugs] #13553 [RPM packaging]: CA pinning for the RPM repo
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Nov 4 11:28:00 UTC 2014
#13553: CA pinning for the RPM repo
-------------------------------+--------------------
Reporter: cypherpunks | Owner: hiviah
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: RPM packaging | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-------------------------------+--------------------
Comment (by hiviah):
Isn't this a chicken-and-egg problem? If you use "yum install
https://deb.torproject.org/..." then no SSL/TLS pinning will take effect
anyway. What you get though, is the need to tell users to update the RPM
manually should the pinned CA cert ever change.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13553#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list