Opened 7 years ago

Closed 7 years ago

Last modified 5 years ago

#5789 closed enhancement (wontfix)

Provide gpg-self-signed SSL certificate to enable meaningful certificate pinning

Reported by: vinsci Owned by: phobos
Priority: Medium Milestone:
Component: Webpages/Website Version:
Severity: Keywords:
Cc: adrelanos@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

I suggest publishing a GPG-self-signed SSL certificate for the website, in order to enable meaningful certificate pinning.

To avoid forcing ignorant users to have to deal with warning messages for the self-signed certificate, the GPG-self-signed SSL version of the website would be published on a different port number, and so the standard SSL port number can continue to serve the SSL CA-signed (but therefore less trusted) content.

An attacker on Tor users in a country may succeed simply by modifying web site documentation (via on the fly certificate rewriting) to give the wrong advice. It matters little then that the software itself is GPG-signed.

For a website example, the https://dev.mutt.org/trac/ website utilizes a GPG-self-signed SSL certificate (but doesn't provide a CA signed certificate). See description on that page.

Child Tickets

Change History (3)

comment:1 Changed 7 years ago by phobos

The best we can offer is https://www.torproject.org/docs/faq.html.en#SSLcertfingerprint

The relevant documentation is included with the software packages so users don't have to trust a website.

comment:2 Changed 7 years ago by phobos

Resolution: wontfix
Status: newclosed

comment:3 Changed 5 years ago by proper

Cc: adrelanos@… added
Note: See TracTickets for help on using tickets.