[tor-bugs] #29677 [Internal Services/Tor Sysadmin Team]: evaluate password management options

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue May 5 19:16:36 UTC 2020


#29677: evaluate password management options
-------------------------------------------------+-------------------------
 Reporter:  anarcat                              |          Owner:  tpa
     Type:  task                                 |         Status:
                                                 |  assigned
 Priority:  Low                                  |      Milestone:
Component:  Internal Services/Tor Sysadmin Team  |        Version:
 Severity:  Major                                |     Resolution:
 Keywords:                                       |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by sysrqb):

 Replying to [comment:5 anarcat]:
 > Known password managers:
 >
 >  * TPA has a `tor-passwords` repository which uses
 >    [https://github.com/weaselp/pwstore/ weasel's pwstore]
 >  * administration also store passwords in SVN
 >  * Puppet generates passwords on the fly using a puppet-specific token
 >    (this might get replaced by trocla eventually, see #30009)
 >  * each worker probably has their own individual password managers,
 >    brains, and post-it notes on screens (hopefully no!) which we don't
 >    exactly know about

  * Tor Browser-related passwords:
    * passphrase-protected OpenPGP signing key (package signing)
    * passphrase-protected NSSDB MAR signing key (Tor Browser updates)
    * passphrase-protected Windows Authenticode signing key
    * passphrase-protected MacOS code signing key
    * passphrase-protected Android code signing key
    * user/admin accounts on macOS/linux/windows signing machines
    * Google account (for publishing Android apps)
    * ...

 Currently, these are only shared in person (via military-grade
 post-quantum encrypted point-to-point subspace transmission).

 While this "works", I'd really appreciate having an easier and more
 fault-tolerant way of securely sharing this information (given the
 importance of keeping this information private). I don't know if such a
 system exists as a solution that Tor can deploy, but that's another
 wish-list item of mine :)

 #34123 is related, but currently those keys are separate from the above
 list.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29677#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

