A malicious certificate for torproject.org has been given out at least twice by broken certificate authorities. (Comodo, DigiNotar, who is next...)
To prevent that in future, I'd like to pin the SSL certificate's fingerprint. How can that be done? Running an own local CA or is there an easier way? How to download the SSL public key from torproject.org and sign it with a local CA? ______________________________________________________ powered by Secure-Mail.biz - anonymous and secure e-mail accounts. _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
