commit 571ea37ca54bce230c634b1faa4f7ec15c4f526b Author: Georg Koppen gk@torproject.org Date: Fri Jun 15 15:33:25 2018 +0000

Update MAR key generation for SHA-384 --- processes/KeyGeneration | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/processes/KeyGeneration b/processes/KeyGeneration index e10baee..2dad005 100644 --- a/processes/KeyGeneration +++ b/processes/KeyGeneration @@ -55,8 +55,8 @@ Key Creation Incantations and Instructions

1) `mkdir nssdb` 2) `certutil -d nssdb -N` -3) Choose a strong passphrase to protect the keys -4) `certutil -d nssdb -S -x -g 4096 -Z SHA512 -n marsigner -s "CN=Tor Browser MAR signing key" -t,,` +3) Choose a strong passphrase to protect the key +4) `certutil -d nssdb -S -x -g 4096 -Z SHA384 -n marsigner -s "CN=Tor Browser MAR signing key" -t,,` 5) If there should be additional keys in the database repeat step 4. Note, you need a different CN and ideally a different nickname ("marsigner" in the example above).