Hi, Anonymous Remailer (austria) wrote (17 Oct 2013 17:58:39 GMT) : > I have a question:
@OP: first, it seems you have cross-posted this to at least tor-talk, tails-dev and Full-Disclosure, without making it clear with an explicit Cc:. This will painfully lead to various unlinked discussions and will be a mess for us to address this question. So, please don't do that next time, thanks in advance :) I'm setting I-R-T and References headers to at least avoid breaking the thread on tor-talk and tails-dev. > Tor Browser Bundle - Firefox ESR 17.0.9 (LATEST TOR) > Compared to: Iceweasel 17.0.9 (LATEST TAILS Linux distribution) > To be found in Tails (not found in TBB), some additional certificates: Thanks for carefully auditing this aspect of Tails. > DigiCert Inc -> DigiCert High Assurance EV CA-1 > DigiCert Inc -> DigiCert High Assurance CA3 > GeoTrust Inc. -> Google Internet Authority G2 > StartCom Ltd. -> StartCom Class 2 Primary Intermediate Server CA > The Go Daddy Group, Inc -> Go Daddy Secure Certification Authority > The USERTRUST Network -> Gandi Standard SSL CA > > All these are listed as "Software Security Device" certificaties. > The others are "Builtin Object Token" and baked in the browser. Tails ships NSS 2:3.14.3-1~bpo60+1 from Debian squeeze-backports. If you are interested in investigating this any further, next step is to compare with the version of NSS that is shipped by (or linked into, or something) the TBB. > Question is: did TAILS added some extra CA's ? No, we don't add any CA to Tails. Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk