[tor-bugs] #13379 [Tor Browser]: Sign our MAR files

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Nov 24 17:32:13 UTC 2014


#13379: Sign our MAR files
-----------------------------+-------------------------------------------
     Reporter:  mikeperry    |      Owner:  mcs
         Type:  defect       |     Status:  needs_review
     Priority:  major        |  Milestone:
    Component:  Tor Browser  |    Version:
   Resolution:               |   Keywords:  tbb-security,MikePerry201411R
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+-------------------------------------------

Comment (by boklm):

 The change to add the --createIncrementalMARs command line to
 update_responses looks good.

 The other changes introduce a single makefile rule to generate the
 incremental mar files and sign them. I am wondering if we should separate
 the incremental mar files generation, and the signature, to allow a
 process like this:
 - build tor-browser
 - generate incremental mars
 - upload sha256sums.incrementals.txt of unsigned mar files
 - check that sha256sums.txt and sha256sums.incrementals.txt are matching
 - sign the mar files, update responses xml files and upload

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13379#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list