[tor-talk] TAILS versus TBB (Latest versions): Additional CA Certs appearing in TAILS browser. LEGIT or not ?

BM-2cUW5x4Ur6WBV9gr53QNfsv7RTLQXeS4p7 at bitmessage.ch BM-2cUW5x4Ur6WBV9gr53QNfsv7RTLQXeS4p7 at bitmessage.ch
Thu Oct 17 18:14:58 UTC 2013

I have a question:

Tor Browser Bundle - Firefox ESR 17.0.9 (LATEST TOR)
Compared to: Iceweasel 17.0.9 (LATEST TAILS Linux distribution)

To be found in Tails (not found in TBB), some additional certificates:

DigiCert Inc -> DigiCert High Assurance EV CA-1
DigiCert Inc -> DigiCert High Assurance CA3
GeoTrust Inc. -> Google Internet Authority G2
StartCom Ltd. -> StartCom Class 2 Primary Intermediate Server CA
The Go Daddy Group, Inc -> Go Daddy Secure Certification Authority
The USERTRUST Network -> Gandi Standard SSL CA

All these are listed as "Software Security Device" certificaties.
The others are "Builtin Object Token" and baked in the browser.

Mozilla's documentation explains about "Software Security Devices":

"Software Security Device stores your certificates and keys that aren't
stored on external security devices, including any CA certificates that
you may have installed in addition to those that come with the browser. "


Question is: did TAILS added some extra CA's ?

Looks funny...

More information about the tor-talk mailing list