[tor-bugs] #3555 [Tor bundles/installation]: TBB: hardcode SSL cert check to prevent MITM

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Sun Aug 28 20:02:04 UTC 2011

#3555: TBB: hardcode SSL cert check to prevent MITM
 Reporter:  tagnaq                      |          Owner:  mikeperry                    
     Type:  defect                      |         Status:  assigned                     
 Priority:  major                       |      Milestone:  TorBrowserBundle 2.2.x-stable
Component:  Tor bundles/installation    |        Version:                               
 Keywords:  MikePerryIteration20110828  |         Parent:                               
   Points:  1                           |   Actualpoints:                               

Comment(by mikeperry):

 Bleh, the only reference I can find for this in the Firefox source is the
 pref app.update.certs.1.commonName. The pref is used in
 ./toolkit/mozapps/update/nsUpdateService.js seems to only be used to check
 the common name in the Checker.onLoad handler via CertUtils.checkCert.

 The checkCert function does some additional checks to make sure the
 channel is using a built-in cert, but I still don't see where in the
 source distribution this builtin lives.

 It also seems to say that we can't just include our cert, even if we
 wanted. We must also cause this checkCert to get called for our addon
 updates, otherwise the adversary could use a CA independent of our builtin
 and it will still work..

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3555#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list