[tbb-dev] How does Tor Browser treat locally-installed CA cert?

Linus Nordberg linus at torproject.org
Wed Jan 27 09:30:37 UTC 2016


As part of working on the CT Gossip draft [0] I find myself thinking
about local trust anchors and how they might change browser behaviours.

My understanding is that Tor Browser behaves like Firefox wrt locally
added CA certs. If that's correct, do you know if FF treats pinning the
way the "What Is HPKP For?" post [1] describes it?

Another question that I find interesting is if TB could do better
regarding fingerprintability based on what TLS session the browser

[0] https://datatracker.ietf.org/doc/draft-ietf-trans-gossip/
[1] https://noncombatant.org/2015/11/24/what-is-hpkp-for/

More information about the tbb-dev mailing list