[tor-bugs] #7179 [EFF-HTTPS Everywhere]: Ths SSL Observatory feature leaks DNS requests without the TBB
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri Oct 26 22:01:23 UTC 2012
#7179: Ths SSL Observatory feature leaks DNS requests without the TBB
----------------------------------+-----------------------------------------
Reporter: gk | Owner: pde
Type: defect | Status: new
Priority: critical | Milestone:
Component: EFF-HTTPS Everywhere | Version:
Keywords: | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Comment(by pde):
I wonder if we could manually whitelist the observatory.eff.org end-entity
cert as trusted for that IP address. The same way that the browser would
do it if you clicked through the cert warning. That would be terrible,
and we'd probably have to ship the IP address as a constant value in the
extension, hampering our operational flexibility, but it would work.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7179#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list