[tor-bugs] #13379 [Tor Browser]: Sign our MAR files
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Nov 26 16:11:42 UTC 2014
#13379: Sign our MAR files
-------------------------+-------------------------------------------------
Reporter: | Owner: mcs
mikeperry | Status: needs_review
Type: defect | Milestone:
Priority: major | Version:
Component: Tor | Keywords: tbb-security, TorBrowserTeam201411R
Browser | Parent ID:
Resolution: |
Actual Points: |
Points: |
-------------------------+-------------------------------------------------
Comment (by mcs):
Replying to [comment:23 gk]:
> Replying to [comment:14 mcs]:
> > The tor-browser changes are ready for review. The patches may be
found on a branch named bug13379-01 in user/brade/tor-browser.git; that
is, here:
> >
> > https://gitweb.torproject.org/user/brade/tor-
browser.git/shortlog/refs/heads/bug13379-01
>
> Looks good to me. Any reason for
> {{{
> - nss/cmd/certutil \
> }}}
> in Makefile.in in security/build? I'd be happy if others would have a
look at https://gitweb.torproject.org/user/brade/tor-
browser.git/commit/2d7b84ca53c75686daebf1e203eb5369c24f965e, too.
We removed nss/cmd/certutil within the ifdef ENABLE_TESTS block and moved
it outside so that nss/cmd/certutil is always included in NSS_DIRS (and
therefore always compiled).
> Gonna test that shortly but it seems to me that the signing can be done
offline, right? Like, I could download the MAR files, get offline, enter
my passphrase, get all MAR files signed, get online again and upload them?
Yes, I believe that should work.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13379#comment:26>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list