Trac issueshttps://gitlab.torproject.org/legacy/trac/-/issues2020-06-13T09:46:35Zhttps://gitlab.torproject.org/legacy/trac/-/issues/30981Torbrowser/Torbirdy insecure settings2020-06-13T09:46:35ZcypherpunksTorbrowser/Torbirdy insecure settingsDescribed for Torbirdy, applicable in the same way to Torbrowser.
security.OCSP.enabled must be 0, after program restart 1
Leak of used https-certificates, also leak of certificates used to check signatures of e-mails, thus history of u...Described for Torbirdy, applicable in the same way to Torbrowser.
security.OCSP.enabled must be 0, after program restart 1
Leak of used https-certificates, also leak of certificates used to check signatures of e-mails, thus history of used certificates (i.e. website, signatures, keys, if tied to a certificate).
furthermore leak of fingerprint (in case of Torbirdy, should be secured with Torbrowser)
Accept:
Accept-Language:
Accept-Encoding:
...Sukhbir SinghSukhbir Singh