[tor-bugs] #24351 [Applications/Tor Browser]: Block Global Active Adversary Cloudflare
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun May 10 01:17:46 UTC 2020
#24351: Block Global Active Adversary Cloudflare
-------------------------------------------------+-------------------------
Reporter: nullius | Owner:
| cypherpunks
Type: enhancement | Status:
| assigned
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Major | Resolution:
Keywords: security, privacy, anonymity, mitm, | Actual Points:
cloudflare, TorBrowserTeamTriaged |
Parent ID: #18361 | Points: 1000
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by cypherpunks):
> certificate
> NET::ERR_CERT_AUTHORITY_INVALID
It's Chrome error.
Tor Browser/Firefox will get SEC_ERROR_UNKNOWN_ISSUER.
> contact form is broken
Interesting... I've contacted them recently without problem.
.onion is verified by Tor prop224 system. Adding self-sign certificate is
not a problem but yeah, Tor project could've remove SEC_ERROR error.
.onion certificate, how much? Searched about it and I've found this:
https://www.digicert.com/blog/ordering-a-onion-certificate-from-digicert/
1 Year $688.00 USD / year
Who's going to donate? I use their service but sorry I won't. This is Tor
Browser's problem. https on Tor should be ignored.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24351#comment:195>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list