Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

certificate fetches should use tor or be disabled in tor windows #4245

Open
diracdeltas opened this issue Apr 25, 2019 · 2 comments
Open

certificate fetches should use tor or be disabled in tor windows #4245

diracdeltas opened this issue Apr 25, 2019 · 2 comments
Labels
feature/tor/leakproofing Eliminating unexpected ways that someone using Tor might be unmasked. feature/tor

Comments

@diracdeltas
Copy link
Member

migration of brave/muon#520
@diracdeltas diracdeltas added the feature/tor/leakproofing Eliminating unexpected ways that someone using Tor might be unmasked. label Apr 25, 2019
This was referenced Apr 26, 2019
Closed
Open
@riastradh-brave
Copy link
Contributor

Upstream issue for quicker reference:

https://bugs.chromium.org/p/chromium/issues/detail?id=80722

@diracdeltas
Copy link
Member Author

diracdeltas commented May 8, 2022
edited
Loading

For Windows, we may at least be able to do the following:

Am I correct that the hard part is plumbing the "is this a Tor window?" status to cert_verify_proc_win.cc? The trivial fix of setting CERT_CHAIN_DISABLE_AIA unconditionally should be only a few lines of code, but that will break compatibility (outside of Tor mode) with websites whose TLS configuration depends on AIA

thanks to biolizard89 for the tip

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature/tor/leakproofing Eliminating unexpected ways that someone using Tor might be unmasked. feature/tor
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@diracdeltas @riastradh-brave