Bug #10765
Allow pinning certificates in Thunderbird
0%
Description
While browsing the web, you might be presented with many different certificates every day but in the case of email, you basically always use the same certificates: the onces from your email provider. So trusting all CAs by default and allowing so many possible man-in-the-middle attacks is not really needed for usability.
We should have some mechanism to allow pinning certificates in Icedove instead of relying on the default certificate authorities.
This relates to https://trac.torproject.org/projects/tor/ticket/13607 which is unlikely to happen any time soon in TorBirdy.
Other people mentioned Certificate Patrol (https://addons.mozilla.org/en-US/firefox/addon/certificate-patrol/) or Cert Viewer Plus (https://addons.mozilla.org/en-US/firefox/addon/cert-viewer-plus/?src=search)
The first thing would be to test these.
Subtasks
History
#1 Updated by Anonymous 2015-12-17 10:13:48
I’ve quickly tested the Certificate Patrol extension.
It allows for managing TLS certificates (deleting, distrusting them, importing own certs etc.)
The default options do not require small changes to certificates to be shown, but this option can be activated.
Those which have already been accepted once and stored permanently continue to be accepted.
#2 Updated by Anonymous 2015-12-22 07:01:49
- Target version set to Tails_2.3
#3 Updated by Anonymous 2015-12-22 07:02:00
- Target version changed from Tails_2.3 to Tails_2.2
#4 Updated by Dr_Whax 2015-12-22 15:02:47
Certificate patrol only works in Thunderbird when you open a webpage and doesn’t provide me with any feedback about certificates for e-mail servers. Thus, rendering the extension useless.
I also looked at the plugin: “paranoia” it shows whether all paths had SSL encrypted communications but not with fingerprints or which certificate was used. Seems to have problems dealing with PGP e-mail.
#5 Updated by muri 2016-02-03 21:46:38
- Target version deleted (
Tails_2.2)
removing target version as discussed in the monthly meeting, as it is a new feature (no bugfix, no regression, etc.) and noone present wants to dig into it at the moment
#6 Updated by Dr_Whax 2016-02-15 20:22:11
- Assignee set to Dr_Whax
I reported this bug a while ago to one of the developers but it seems the `certificate-patrol` plugin isn’t really being maintained.
I tried to compile another tool from the same author(https://github.com/tg-x/libcertpatrol) but so far, it hasn’t compiled yet and I filled a bug with him personally.
I’m assigning the ticket to myself since I hope to get this working and see where we can go from there.
#7 Updated by Dr_Whax 2016-03-06 09:00:45
I’ve spend a bunch of time trying to get libcertpatrol to LD_PRELOAD some applications and so far it hasn’t worked out for me. I don’t think there is going to be much work to get it supported.. I don’t think there are a lot of alternatives left.
#8 Updated by Anonymous 2018-08-18 09:55:02
- Subject changed from Allow pinning certificates in Icedove to Allow pinning certificates in Thunderbird
#9 Updated by Anonymous 2018-08-18 09:55:56
DrWhax: are you still planning to work on this? If not, please unassign yourself from this ticket.
#10 Updated by Dr_Whax 2018-08-18 11:24:26
- Status changed from Confirmed to Rejected
In fact, i’m closing this ticket. I don’t think there’s much we can do for now.
#11 Updated by sajolida 2018-08-19 18:22:41
- Assignee deleted (
Dr_Whax) - Starter deleted (
Yes)
Some smaller mail providers started offering onion services to their mail server (riseup.net does that and my email provider as well) and this is roughly equivalent to pinning their certificate.