Opened 8 years ago

Closed 8 years ago

#5154 closed defect (fixed)

non-Torbutton SSL Observatory + hotel network => lots of cert warnings

Reported by: pde Owned by: pde
Priority: Medium Milestone:
Component: HTTPS Everywhere/EFF-HTTPS Everywhere Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description (last modified by pde)

If the user enables the SSL Obseravtory in non-Torbutton mode, and they land on a network that MITMs TLS, the browser will render a stream of certificate warnings caused by Observatory submissions.

What we should do instead is save up the certs for submission once the network stops attacking us.

This can be achieved with nsIBadCertListener2.

This is probably blocking the popup for the Observatory for non-Torbutton users.

Child Tickets

Change History (7)

comment:1 Changed 8 years ago by pde

Description: modified (diff)

comment:2 Changed 8 years ago by pde

Description: modified (diff)

comment:3 Changed 8 years ago by pde

Description: modified (diff)

comment:4 Changed 8 years ago by pde

I'm suddenly having trouble reproducing this :/.

comment:5 Changed 8 years ago by pde

This commit is an experimental first step towards fixing this:

https://gitweb.torproject.org/https-everywhere.git/commitdiff/248204297b530590b3d731a10895edbc20075e43

However, I can't seem to reproduce the problem at the moment, which isn't helping :/

comment:6 Changed 8 years ago by pde

I can reproduce in Firefox 9 but not Iceweasel 10....

comment:7 Changed 8 years ago by pde

Resolution: fixed
Status: newclosed

In any case, this case is closed.

Note: See TracTickets for help on using tickets.