[tbb-dev] Tor Messenger and Certificates
isis at torproject.org
Sun Nov 2 00:14:09 UTC 2014
Sukhbir Singh transcribed 0.9K bytes:
> Hi list,
> We are thinking of including certificates for OFTC, CCC, etc. with Tor
> Messenger, since some of these popular chat servers use self-signed
> certificates. Quick questions about this:
> - Is this a good idea -- including these certificates by default? Or
> should we let the users click on "add exception" and then add the
> certificates themselves?
It's probably friendlier to package them in, since they are frequently used by
a large number of people.
I can't think of any messaging programs off the top of my head which
explicitly bundles in commonly used self-signed certifications. Somewhat
similarly, however, Adam Langley's xmpp-client does hardcode a list of .onion
addresses for commonly used XMPP servers.  As such, it's probably
acceptable to add certificates in a transparent manner.
♥Ⓐ isis agora lovecruft
Current Keys: https://blog.patternsinthevoid.net/isis.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1154 bytes
Desc: Digital signature
More information about the tbb-dev