Skip to content

TLS certificate pinning (desktop) #201

New issue
New issue
Open
#232
Open
TLS certificate pinning (desktop)#201
#232
Assignees
wksantiago
Labels
desktopkeep-desktop GUI applicationenhancementNew feature or requestmediump3Lowest PrioritysecuritySecurity-related issues
@kwsantiago

Description

@kwsantiago
kwsantiago
opened on Feb 10, 2026

Android has TLS certificate pinning for relay connections with pin management UI. Desktop has nothing.

Android parity features needed:

  • Pin relay TLS certificates on first connection (TOFU)
  • Detect pin mismatches (potential MITM)
  • View pinned certificates
  • Clear individual pins
  • Clear all pins
  • Pin mismatch warning UI

Implementation notes:

  • Settings UI: Add TLS certificate pinning management section to the Settings screen created in Add Desktop Settings #191
  • Complements Tor proxy support for defense in depth

Metadata

Metadata

Assignees

Labels

desktopkeep-desktop GUI applicationenhancementNew feature or requestmediump3Lowest PrioritysecuritySecurity-related issues

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions