[tbb-bugs] #13926 [Tor Browser]: No certificate hierarchy

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Feb 19 17:59:18 UTC 2016

#13926: No certificate hierarchy
 Reporter:  cypherpunks              |          Owner:  tbb-team
     Type:  defect                   |         Status:  reopened
 Priority:  Medium                   |      Milestone:
Component:  Tor Browser              |        Version:
 Severity:  Normal                   |     Resolution:
 Keywords:  tbb-usability, ff38-esr  |  Actual Points:
Parent ID:                           |         Points:
  Sponsor:                           |
Changes (by bugzilla):

 * severity:   => Normal


 > if security.nocertdb=false (not the default), then the intermediate CA
 is found in the permanent / built-in certificate store even after it has
 been purged
 temporary (SSL context) certificate store has been purged (?)

 For https://github.com/
 {{{TypeError: cert is null}}} in
 chrome://pippki/content/viewCertDetails.js : 270:4
 {{{    asn1Tree.loadASN1Structure(cert.ASN1Structure);}}}
 from the beginning.

 {{{nocertdb}}} means "not to store certs" by its name. (But who knows what
 Mozilla thought...)
 So, no cert db  - is not the resolution.

 cert db must be permanent / session, isolated, in-memory, purgable. SSL
 context - isolated, in-memory.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13926#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list