[tbb-bugs] #17965 [Tor Browser]: Isolate HPKP pinning to url bar domain
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jan 1 23:16:54 UTC 2016
#17965: Isolate HPKP pinning to url bar domain
-------------------------------------------------+-------------------------
Reporter: mikeperry | Owner: tbb-
Type: defect | team
Priority: High | Status:
Component: Tor Browser | needs_information
Severity: Normal | Milestone:
Keywords: tbb-linkability, | Version:
TorBrowserTeam201601 | Resolution:
Parent ID: | Actual Points:
Sponsor: | Points:
-------------------------------------------------+-------------------------
Comment (by gk):
And, for the record, see
https://zyan.scripts.mit.edu/presentations/toorcon2015.pdf slides 21ff.
where an attack scenario is described in more detail that should be moot
with binding HPKP state to the URL bar domain.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17965#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list