direct SSL certificate pinning for check.torproject.org and torproject.org (python method)
Open, NormalPublic
Actions

Assigned To

None

Authored By

	Patrick
	Feb 8 2015, 2:18 AM

Description

Since direct SSL certificate pinning for check.torproject.org and torproject.org (curl method) (T80) would have to wait a long time, until Debian stretch, this ticket is for an alternative approach.

Please make sure you've read T80 first.

mitm suggested in the forums to:

Learn from the code for downloading while direct pinning TPO's certificate from launcher.py (see VerifyTorProjectCert).

Seems the most promising method for now.

Related Objects

Mentioned In: T82: direct SSL certificate pinning for check.torproject.org and torproject.org (openssl s_client method)
T80: direct SSL certificate pinning for check.torproject.org and torproject.org (curl method)
Mentioned Here: T80: direct SSL certificate pinning for check.torproject.org and torproject.org (curl method)

Event Timeline

Patrick created this task.Feb 8 2015, 2:18 AM

Patrick raised the priority of this task from to Normal.

Patrick updated the task description. (Show Details)

Patrick added projects: python, security, research.

Patrick added a subscriber: Patrick.

Herald added a project: Whonix. · View Herald TranscriptFeb 8 2015, 2:18 AM

Patrick mentioned this in T80: direct SSL certificate pinning for check.torproject.org and torproject.org (curl method).Feb 8 2015, 2:20 AM

HulaHoop mentioned this in T82: direct SSL certificate pinning for check.torproject.org and torproject.org (openssl s_client method).May 30 2017, 5:06 PM

direct SSL certificate pinning for check.torproject.org and torproject.org (python method)Open, NormalPublicActions

Description

Related Objects

Event Timeline

direct SSL certificate pinning for check.torproject.org and torproject.org (python method)
Open, NormalPublic
Actions