[tbb-bugs] #13410 [Tor Browser]: Disable self-signed certificate warnings when visiting .onion sites
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat May 16 04:08:27 UTC 2015
#13410: Disable self-signed certificate warnings when visiting .onion sites
-----------------------------+----------------------
Reporter: tom | Owner: tbb-team
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor Browser | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+----------------------
Comment (by vynX):
Yes, I was about to open the same feature enhancement request. The
addresses of hidden services are a much stronger guarantee of authenticity
than any damn certificate. It is completely irrelevant which certificate
the website is offering and in fact it apparently takes special bribing to
have a valid cert issued for an .onion although there is no reason for
that. CAs could give out onion certs with zero checks since only the owner
of the private key can make any use of it.
Please make use of the technological advantages of Tor. Don't let legacy
crap impede us from fully enjoying end-to-end TLS (which is relevant when
your Tor router isn't the same machine as your Tor browser).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13410#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list