[tbb-bugs] #21922 [Applications/Tor Browser]: Add our reasoning for dealing with the XPI signing to our design document

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jan 27 17:18:35 UTC 2020


#21922: Add our reasoning for dealing with the XPI signing to our design document
--------------------------------------+--------------------------
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  defect                    |         Status:  new
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  tbb-spec                  |  Actual Points:
Parent ID:  #25021                    |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+--------------------------
Changes (by gk):

 * parent:   => #25021


Comment:

 Should be straightforward to add this under "Other Security Measures".
 Nowadays this only affects HTTPS Everywhere. We should point out why we
 want to use EFF's signature here and could generally point out our efforts
 trying to just ship the extensions via our own in-browser update mechanism
 and not via AMO/external auto-updating.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21922#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list