[tor-bugs] #14971 [Tor Browser]: Log certificate if there is a certificate error while checking for Tor Browser updates

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Feb 20 20:18:35 UTC 2015


#14971: Log certificate if there is a certificate error while checking for Tor
Browser updates
-----------------------------+----------------------
     Reporter:  gk           |      Owner:  tbb-team
         Type:  enhancement  |     Status:  new
     Priority:  normal       |  Milestone:
    Component:  Tor Browser  |    Version:
   Resolution:               |   Keywords:
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+----------------------

Comment (by gk):

 Replying to [comment:1 mcs]:
 > Do you remember what error you saw and how it was presented?

 Just some CertUtil check that was failing, IIRC.

 > Do you know if the error was during the update check (fetch XML update
 manifest) or if it was during download of the MAR file?

 The former. It was one of the background checks related by the timer that
 failed. But good point, though. I think I'd like to know if either of
 these requests gets MiTM'd.

 > There are a couple of certificate-related errors that may be displayed,
 but the English strings do not actually mention certificates so maybe you
 saw something else:
 >
 >  <!ENTITY errorCertAttrNoUpdate2.label "Something is preventing
 &brandShortName; from updating securely. Please make sure that you have
 the latest version of &brandShortName; from:">
 >  <!ENTITY errorCertAttrHasUpdate.label "Something is trying to trick
 &brandShortName; into accepting an insecure update. Please contact your
 network provider and seek help.">

 I saw neither. Just the error in my terminal.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14971#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list