#3555: TBB: hardcode SSL cert check to prevent MITM
----------------------------------------+-----------------------------------
Reporter: tagnaq | Owner: mikeperry
Type: defect | Status: assigned
Priority: blocker | Milestone: TorBrowserBundle
2.2.x-stable
Component: Tor bundles/installation | Version:
Keywords: MikePerryIteration20110911 | Parent:
Points: 1 | Actualpoints:
----------------------------------------+-----------------------------------
Comment(by mikeperry):
ASN found the root cert lists:
https://mxr.mozilla.org/mozilla-
central/source/security/nss/lib/ckfw/builtins/certdata.c
https://mxr.mozilla.org/mozilla-
central/source/security/manager/ssl/src/nsIdentityChecking.cpp
Not sure if we should just hardcode our leaf in there too..
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3555#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
