Opened 8 months ago

Closed 8 months ago

#22001 closed defect (duplicate)

Protect against IDN-based whole-domain spoofing

Reported by: arthuredelstein Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Unfortunately Mozilla doesn't look like it is going to provide protection. But I think we should consider doing so in Tor Browser. See https://bugzilla.mozilla.org/show_bug.cgi?id=1332714

Child Tickets

Change History (4)

comment:1 Changed 8 months ago by arthuredelstein

Summary: Show a warning for IDN whole-domain spoofingProtect against IDN-based whole-domain spoofing

comment:2 Changed 8 months ago by cypherpunks

Keywords: tbb-security added
Priority: MediumVery High
Severity: NormalCritical

Is this a way to go for malicious exit nodes?
(Dupe of #21961?)

comment:3 Changed 8 months ago by gk

Keywords: tbb-security removed
Priority: Very HighMedium
Severity: CriticalNormal

Arthur: what's the relationship of this bug to #21961?

comment:4 Changed 8 months ago by arthuredelstein

Resolution: duplicate
Status: newclosed

This is a duplicate.

Note: See TracTickets for help on using tickets.