Tails

#1 Updated by intrigeri 2016-09-20 02:33:42

• Description updated

#2 Updated by intrigeri 2016-09-20 02:40:20

• Description updated

(Tested on Jessie, and there the CA pinning works fine.)

#3 Updated by intrigeri 2016-09-20 02:57:54

• related to Feature #11810: Have our website CA bundle trust Let's Encrypt CA added

#4 Updated by intrigeri 2016-09-20 02:58:46

• Description updated

#5 Updated by intrigeri 2016-09-20 08:28:01

• Status changed from Confirmed to In Progress
• % Done changed from 0 to 50

Fixed by my pull request on Feature #11810.

#6 Updated by intrigeri 2016-09-20 08:28:22

• related to deleted (Feature #11810: Have our website CA bundle trust Let's Encrypt CA)

#7 Updated by intrigeri 2016-09-20 08:28:25

• blocked by Feature #11810: Have our website CA bundle trust Let's Encrypt CA added

#8 Updated by intrigeri 2016-11-15 10:44:47

• QA Check set to Ready for QA

Next step is to do the tests documented on Feature #11810#note-4 in a current feature/stretch.

#9 Updated by intrigeri 2016-11-15 19:39:57

• Status changed from In Progress to Resolved
• % Done changed from 50 to 100
• QA Check changed from Ready for QA to Pass

OK tails-security-check should work

OK tails-security-check https://labs.riseup.net/test/tails.boum.org/security/ should work

OK HTTPS_CA_FILE=/etc/ssl/certs/DST_Root_CA_X3.pem tails-security-check should fail

OK HTTPS_CA_FILE=/etc/ssl/certs/AddTrust_External_Root.pem tails-security-check https://labs.riseup.net/test/tails.boum.org/security/ should fail