[tbb-dev] TBB 3.6.6 and self-signed certificates
mikeperry at torproject.org
Wed Oct 8 20:26:03 UTC 2014
> Bram de Boer wrote:
> >> Bram de Boer wrote:
> >>> The page I was having trouble with is https://nosur.com
> >>> [...]
> > Georg Koppen wrote:
> >> I *cannot* connect to the site at the moment despite
> >> switching the pref as you did.
> > Thanks for trying. And can you access the website with TBB 3.6.5? If so,
> > that confirms the behaviour I have been seeing.
> > I have found one difference between 3.6.5 and 3.6.6 that still
> > consistently occurs; perhaps by-design?
> > - Preferences > Privacy > Use custom settings for history
> > - Untick "Always use private browsing mode". TB will now restart
> > - Visit website with self-signed certificate
> > - Tick "Permanently store this exception"
> > - Clicking [Confirm Security Exception] won't have any effect. The
> > button animates the click but nothing happens?!
> > This occurs with both https://www.patternsinthevoid.net and
> > https://nosur.com. I have successfully used the flow described above with
> > all previous TBB versions. Afterwards I immediately re-enable the "Always
> > use private browsing mode" option and then have the permanent exception
> > for the website.
> > Was this behaviour changed by design? If so, it might be user-friendlier
> > to just disable the checkbox, rather than having a non-functional button.
> That is part of the patch behind the "security.nocertdb" preference.
> I.e. if you set it to "false" your workaround is still supposed to work.
> That said it might be smarter to bind that preference to the private
> browsing mode (as the "Permanently store this exception"-checkbox
> already is) than messing with the checkbox itself. Do you mind opening a
> ticket at https://trac.torproject.org?
> > What is the recommended way to add a permanent exception (if at all,
> > because that would obviously make the user uniquely fingerprintable).
> There is no recommended way :) but as I said above switching
> "security.nocertdb" to "false" should help.
For me, it was only broken if disk history is enabled. Otherwise the
I just filed
https://trac.torproject.org/projects/tor/ticket/13366 for this, and
fixed it by switching the pref to false automatically when disk history
storage is enabled in Torbutton.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: Digital signature
More information about the tbb-dev