Opened 6 years ago
Closed 3 years ago
#1413 closed enhancement (wontfix)
public key pinning for our sites
Reported by: | killyourtv | Owned by: | Eche|on |
---|---|---|---|
Priority: | minor | Milestone: | |
Component: | www/i2p | Version: | 0.9.16 |
Keywords: | Cc: | ||
Parent Tickets: | Sensitive: | no |
Description
As suggested by Anarchos on IRC it may be worthwhile have our certs pinned by Mozilla and/or any other browsers.
https://wiki.mozilla.org/SecurityEngineering/Public_Key_Pinning
Subtickets
Change History (5)
comment:1 Changed 6 years ago by
comment:2 Changed 5 years ago by
Status: | new → open |
---|
comment:3 Changed 3 years ago by
Owner: | set to Eche|on |
---|---|
Status: | open → assigned |
comment:4 Changed 3 years ago by
Certificate pinning is mostly obsolete.
https://en.wikipedia.org/wiki/HTTP_Public_Key_Pinning
It will be removed from chrome in 2018, also IE/Edge does not support it at all.
New one is:
https://en.wikipedia.org/wiki/Certificate_Transparency
comment:5 Changed 3 years ago by
Resolution: | → wontfix |
---|---|
Status: | assigned → closed |
agreed. Also dangerous. See 'suicide by pinning'
Note: See
TracTickets for help on using
tickets.
Somewhat related proposal for pseudo-pinning of our reseed hosts: http://zzz.i2p/topics/1752