[tor-bugs] #25435 [Applications/rbm]: keyring/binutils.gpg modified by `make alpha`
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Mar 6 21:14:44 UTC 2018
#25435: keyring/binutils.gpg modified by `make alpha`
-------------------------------------------------+-------------------------
Reporter: dcf | Owner: boklm
Type: defect | Status:
| needs_review
Priority: Medium | Milestone:
Component: Applications/rbm | Version:
Severity: Normal | Resolution:
Keywords: tbb-rbm, boklm201803, | Actual Points:
TorBrowserTeam201803R |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by boklm):
* keywords: tbb-rbm => tbb-rbm, boklm201803, TorBrowserTeam201803R
* status: new => needs_review
* cc: tbb-team (added)
* component: Applications/Tor Browser => Applications/rbm
* owner: tbb-team => boklm
Comment:
There is a patch for review in branch `bug_25435`:
https://gitweb.torproject.org/user/boklm/rbm.git/commit/?h=bug_25435&id=ddccb0de3cceee4fc83f4508ad7cf14f3b4461c1
In this patch we add the `--no-auto-check-trustdb` option. At the same
time, we add `--trust-model always` as we are not using the Web of Trust
when using a keyring file.
The `trust-model always` options means:
> Skip key validation and assume that used keys are always fully valid.
You generally won’t use this unless you are using some external validation
scheme. This option also suppresses the "[uncertain]" tag printed with
signature checks when there is no evidence that the user ID is bound to
the key. Note that this trust model still does not allow the use of
expired, revoked, or disabled keys.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25435#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list