[tbb-dev] Tor Messenger and Certificates

Sukhbir Singh azadi at riseup.net
Mon Dec 1 05:38:33 UTC 2014


Thank you everyone for your comments.

Based on the feedback and our own discussions, we are going with this
for now:

Instead of adding the root certificates, we have decided to ship a
cert_override.txt [0] populated with the services we care about (OFTC,
jabber.ccc.de). This will allow users to connect these services without
the scary certificate warnings, and without us adding the root
certificates to Tor Messenger. (When you add a certificate exception, it
gets saved to the cert_override.txt in the profile directory.)

[0] - https://developer.mozilla.org/en-US/docs/Cert_override.txt

-- 
Sukhbir


More information about the tbb-dev mailing list