[tbb-bugs] #19192 [Applications/Tor Browser]: untrust bluecoat CA

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Mar 4 03:46:21 UTC 2017


#19192: untrust bluecoat CA
--------------------------------------+--------------------------
 Reporter:  mrphs                     |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------
Changes (by cypherpunks):

 * priority:  Very High => Medium
 * severity:  Major => Normal


Comment:

 The Department of Defense has a CA. South Korean government has a CA.
 China has a CA. Why are we trusting them? Though admittedly the DoD PKI is
 not trusted by Firefox, even if it is in the Windows trust store. The CA
 system itself is broken. It's not up to us to fix it by blacklisting
 authorities we dislike.

 The point is that I agree with Yawning and gk. We shouldn't get into the
 "which CAs are evil" game.

 I think this ticket should be closed, myself.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19192#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list