I don't have possession of the current certificates but I presume the possessor is on the list.
-V ---------- Forwarded message ---------- From: Adam Langley <[email protected]> Date: Tue, Jan 6, 2015 at 11:29 AM Subject: Public-key pinning in Chrome. To: [email protected] tor2web has its TLS public keys pinned in Chrome to either "AlphaSSL_G2" or "Tor2web". Since you have a SHA-1 certificate, you'll probably need to replace it this year. When you do, it will not be issued from the "AlphaSSL - G2" certificate because that's signed with SHA-1. Unless you reuse the same, 5 year old key then you'll break your pinset. I think you should request now that a different CA certificate be trusted and should generate and submit your new leaf public key. (Note: Pinning changes take *at least* three months to take effect.) Cheers AGL _______________________________________________ Tor2web-talk mailing list [email protected] http://lists.globaleaks.org/mailman/listinfo/tor2web-talk
