[tbb-bugs] #20189 [Applications/Tor Browser]: MAR files should be signed with a modern signature algorithm.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Sep 20 20:48:45 UTC 2016
#20189: MAR files should be signed with a modern signature algorithm.
------------------------------------------+----------------------
Reporter: yawning | Owner: tbb-team
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------------------+----------------------
Mostly theoretical, and may be just a case of out of date upstream
documentation.
https://wiki.mozilla.org/Software_Update:MAR
> 1: RSA-PKCS1-SHA1 (2048 bits / 256 bytes)
We should patch the MAR related code to add something more suitable to our
adversary model, though what's used now should be "adequate" for the near
term future.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20189>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tbb-bugs
mailing list