[tor-bugs] #20319 [Internal Services/Tor Sysadmin Team]: set HPKP headers on onionoo
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed May 6 16:48:34 UTC 2020
#20319: set HPKP headers on onionoo
-------------------------------------------------+-------------------------
Reporter: weasel | Owner: tpa
Type: defect | Status: closed
Priority: Medium | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Normal | Resolution: wontfix
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by anarcat):
* status: needs_revision => closed
* resolution: => wontfix
Comment:
we won't deploy new HPKP for sites as it's disabled in major browsers and
has significant security issues (e.g. DOS). i updated the docs about tls a
while back to note that but there's no plan to disable existing sites for
now as it seems harmless since it's disabled.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20319#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list