[tbb-bugs] #23247 [Applications/Tor Browser]: Communicating security expectations for .onion: what to say about different padlock states for .onion services

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Apr 16 01:58:15 UTC 2019


#23247: Communicating security expectations for .onion: what to say about different
padlock states for .onion services
-------------------------------------------------+-------------------------
 Reporter:  isabela                              |          Owner:
                                                 |  pospeselr
     Type:  project                              |         Status:
                                                 |  reopened
 Priority:  High                                 |      Milestone:
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  ux-team, tor-hs,                     |  Actual Points:
  TorBrowserTeam201806R                          |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------
Changes (by easymode):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 Can you guys please fix
 https://trac.torproject.org/projects/tor/ticket/30107#comment:9 ?

 Anyone can create custom CA authority and generate self-sign certificate
 signed by custom CA.
 And Tor Browser display pad lock icon.

 Can't you display padlock if the protocol is https:// on .onion?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23247#comment:80>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list