Opened 6 years ago

Last modified 5 years ago

#15470 reopened defect

cannot edit the certificates in Tor browser,

Reported by: dark ghost Owned by: tbb-team
Priority: Very High Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-security, CNNIC
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


I still cannot edit the certificates in Tor browser,please fix it as soon as possible!
One more thing: why not consider to delete CNNIC Root in default?

"On Friday, March 20th, we became aware of unauthorized digital certificates for several Google domains. The certificates were issued by an intermediate certificate authority apparently held by a company called MCS Holdings. This intermediate certificate was issued by CNNIC "
CNNIC belongs to Chinese government,and China is a totalitarian country.CNNIC Root and other Chinese certificate cannot be trusted by anyone!

Child Tickets

Change History (4)

comment:1 Changed 6 years ago by gk

Resolution: worksforme
Status: newclosed

I think you can, see comment:9:ticket:13353 for some hints.

comment:2 in reply to:  1 Changed 6 years ago by dark ghost

Replying to gk:

I think you can, see comment:9:ticket:13353 for some hints.

I do not think it is a solution."If I want to kick CNNIC off,I should give up private browsing mode."That is terrible for Chinese Tor users.Why do not untrust CNNIC Root in default?

comment:3 Changed 5 years ago by cypherpunks

Resolution: worksforme
Severity: Normal
Status: closedreopened
Type: projectdefect

The bug still persists.

comment:4 Changed 5 years ago by bugzilla

Keywords: tbb-security added

No way to remove built-in root CAs, but, maybe, make CNNIC untrusted by default?
P.S. Users can Delete or Distrust CNNIC in Authorities tab in Advanced Options. Can somebody confirm that setting persists after restart?

Note: See TracTickets for help on using tickets.