Page MenuHomePhabricator
Create Task
Maniphest T66

Certificate Authority (CA) Pinning for whonix.org
Closed, ResolvedPublic
Actions

Description

At the moment we are just as everyone else vulnerable to malicious certificate authorities issuing fraudulent SSL certificates.

CA pinning is in the works. References:

Not perfect, not only pinning the certificate fingerprint, still depending on two CA's but at least not on a massive amount of them.

Once done, we should apply for it.

Related:
T84

Details

Impact
Needs Triage

Related Objects

Event Timeline

JasonJAyalaP created this task.Jan 13 2015, 9:47 PM
JasonJAyalaP updated the task description. (Show Details)
JasonJAyalaP raised the priority of this task from to Needs Triage.
JasonJAyalaP added projects: infrastructure, security, Whonix.
JasonJAyalaP triaged this task as Wishlist priority.
JasonJAyalaP added a subscriber: JasonJAyalaP.
Patrick added projects: website, research.Aug 28 2016, 8:05 PM
Patrick set Impact to Needs Triage.
Patrick added a subscriber: HulaHoop.
Patrick updated the task description. (Show Details)Jul 9 2018, 7:19 AM
Patrick closed this task as Invalid.

Same as T84#14765.

Patrick changed the task status from Invalid to Resolved.Jul 14 2018, 12:02 PM

We have now a DNS Certification Authority Authorization (CAA) Policy.

Whonix Issue Tracker · Unread Notifications · Open Issues · Homepage · Blog · Forum · Github · Legal · Imprint · Privacy Policy · Terms of Use · Disclaimer