Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Warn users that moving certificate to the system store lowers security #1824

Closed
ameshkov opened this issue Apr 13, 2018 · 2 comments
Closed

Warn users that moving certificate to the system store lowers security #1824

ameshkov opened this issue Apr 13, 2018 · 2 comments
Assignees
@admitrevskiy
Labels
Enhancement P2: High
Milestone
2.12

Comments

@ameshkov
Copy link
Member

ameshkov commented Apr 13, 2018
edited

When the certificate is moved to the system store, AdGuard has to remove HPKP and certificate transparency support (otherwise, some websites which use it won't open at all).

This lowers (slightly, IMO) security and we must warn users about it.
@ameshkov ameshkov added this to the 2.12 milestone Apr 13, 2018
@ameshkov
Copy link
Member Author

ameshkov commented May 3, 2018

Moreover, in light of these changes, a special policy needs to be enabled:
https://www.chromium.org/administrators/policy-list-3#CertificateTransparencyEnforcementDisabledForCas

@admitrevskiy
Copy link

Resolved

@admitrevskiy admitrevskiy reopened this Jun 26, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@admitrevskiy admitrevskiy

Labels
Enhancement P2: High
Projects
None yet
Milestone
2.12
Development

No branches or pull requests
3 participants
@ameshkov @vozersky @admitrevskiy