Feature #5870

better support of non-commercial ISPs

Added by Tails 9 months ago. Updated 9 months ago.

Status:ConfirmedStart date:
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:-
Target version:-
QA Check: Blueprint:
Feature Branch: Easy:
Type of work:Code

Description

Non-commercial, ethical ISPs, such as the one who signed the data retention manifest, need to be better supported by Tails.

Our plans

  1. Install the SSL certificates/CA for such servers (on the long run, we want them to use "Monkeysphere":./monkeysphere.html but we're not there yet).
  2. Add bookmarks to the above-mentioned servers, in particular for quick'n'easy webmail access.

Implementation

SSL certificates

Iceweasel

The necessary NSS *.db files are:

  • cert8.db: can be generated from scratch by adding our custom SSL CA and server certificates with certutil
  • secmod.db: if this file is missing, a new one is generated without DSA, SHA256 and SHA512; weird.
  • key3.db: if missing, the other *.db files can't be used.

Related issues

Related to Tails - Bug #6704: CAcert.org root certificate is not included anymore Resolved 02/17/2014

Also available in: Atom PDF