[tbb-bugs] #13379 [Tor Browser]: Sign our MAR files

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Nov 10 21:16:54 UTC 2014

#13379: Sign our MAR files
     Reporter:  mikeperry    |      Owner:  tbb-team
         Type:  defect       |     Status:  new
     Priority:  major        |  Milestone:
    Component:  Tor Browser  |    Version:
   Resolution:               |   Keywords:  tbb-security
Actual Points:               |  Parent ID:
       Points:               |

Comment (by mcs):

 Replying to [comment:5 gk]:
 > Given your knowledge of the MAR signing code Mozilla provides do you
 think there are general obstacles to extend that to add support for a
 verification method relying on more than one key?

 I am not sure exactly what you are asking.  Mozilla currently supports
 embedding zero or more signatures in a MAR file.  The signatures are added
 using a program named signmar which is really just a more capable variant
 of the mar program.  signmar requires an NSS certificate database that
 contains a private key plus a self-signed certificate.

 Then, if you configure the Firefox build with --enable-verify-mar, one or
 two certificates are embedded in the updater program and signatures
 contained within any MAR file that is downloaded are checked against those
 certificates.  All signatures must be verified using one or the other cert
 or the MAR file will be rejected; that is, if the MAR file contains two
 signatures both must be verifiable.  And at least one signature must be
 present when --enable-verify-mar is turned on.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13379#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list