|
|
|
|
|
|
by IncRnd
3072 days ago
|
|
|
Agreed, if the pinning extends from the client to outside the 'cafe' then that traffic is protected against modification from within the cafe. I'm a little suspect that they have their own implementation, which might be incomplete, but it is likely better than no pinning. By Tor, do you mean the firefox browser fork or Tor itself? |
|
|
The code includes a list of Directory Servers, along with the fingerprints of their certs[1], so those are pinned. Then the relays are fetched from a Directory Server, along with their own fingerprints. So those connections are also authenticated.
[1] https://oniongit.eu/dgoulet/tor/blob/42cee727fa281fff4e27f98...