Opened 5 months ago

#30271 new enhancement

Validate untrusted TLS certificates to ensure Exits aren't performing an attack

Reported by: tom Owned by: tbb-team
Priority: Low Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

As described in https://gitweb.torproject.org/tor-browser-spec.git/tree/proposals/103-selfsigned-user-safety.txt - we can validate untrusted certificates via a separate circuit to ensure the exit node is not performing a TLS MITM attack on end users.

Child Tickets

Change History (0)

Note: See TracTickets for help on using tickets.