[tbb-dev] How does Tor Browser treat locally-installed CA cert?

Tom Ritter tom at ritter.vg
Wed Jan 27 16:10:56 UTC 2016

On 27 January 2016 at 03:30, Linus Nordberg <linus at torproject.org> wrote:
> Hi,
> As part of working on the CT Gossip draft [0] I find myself thinking
> about local trust anchors and how they might change browser behaviours.
> My understanding is that Tor Browser behaves like Firefox wrt locally
> added CA certs. If that's correct, do you know if FF treats pinning the
> way the "What Is HPKP For?" post [1] describes it?

AFAIK no changes have been made to the TLS stack or local trust roots
except disabling session resumption, and enabling TLS 1.2 by default
(which I think FF has finally caught up with TBB).  So yes, if one
added a local root to TBB it would override pinning.  However, neither
add-ons nor locally added roots seem to survive "New Identity". I
think it's unlikely many TBB users have locally installed roots,
considering they'd have to re-add them all the time.

In the past I have advocated for both curating the Trust Store more
aggressively, and experimenting with TLS stack changes, but the
problems there are the political concerns that come with running your
own Trust Store and maintaining the stack changes.

> Another question that I find interesting is if TB could do better
> regarding fingerprintability based on what TLS session the browser
> accepts.

I'm not sure what you mean here, could you elaborate?


More information about the tbb-dev mailing list