[tor-bugs] #10002 [Website]: Decide how to handle TBB 3.0beta download links and signature instructions
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Oct 30 20:44:02 UTC 2013
#10002: Decide how to handle TBB 3.0beta download links and signature instructions
---------------------------+-----------------------
Reporter: mikeperry | Owner: mikeperry
Type: task | Status: new
Priority: normal | Milestone:
Component: Website | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
---------------------------+-----------------------
Comment (by erinn):
One suggestion Mike had the other day on IRC, which was not mentioned
here, was that in the interim I can continue to sign the packages
individually. I'm happy to continue doing this, with the verification of
hashes etc.
Longer-term (and not even super longer -- within the next N months, where
N is lower than 6 IMO) we should look into other options. David (added to
Cc) had some luck with double-signing with Alexandre on the PTTBB bundles.
I've also talked to phobos about getting a cert, something we discussed
also in the distant and not-so-distant past. I think we should proceed
with that on both Windows and OSX now, regardless of our negative feelings
about the SSL cartel: these platforms are getting more challenging to run
software on without certs, and we are migrating all of our packages to
Gitian/deterministic builds anyway.
I have no input on the download locations.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10002#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list