[tor-bugs] #13410 [Applications/Tor Browser]: Disable self-signed certificate warnings when visiting .onion sites
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jun 21 07:15:24 UTC 2018
#13410: Disable self-signed certificate warnings when visiting .onion sites
--------------------------------------+--------------------------
Reporter: tom | Owner: tbb-team
Type: defect | Status: reopened
Priority: Very High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: ux-team | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------------------+--------------------------
Comment (by cypherpunks):
I spotted some V3 onions are using wildcard self-sign domain to sign their
onions.
https://yawning.torv3onionnamehere.onion/
signed by: "*.torv3onionnamehere.onion"
Because OpenSSL can't sign "yawning.torv3onionnamehere.onion" due to its
maximum character length.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13410#comment:22>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list