[tor-bugs] #30126 [Applications/Tor Browser]: Make Tor Browser on macOS compatible with Apple's notarization



#30126: Make Tor Browser on macOS compatible with Apple's notarization
------------------------------------------+--------------------------
     Reporter:  gk                        |      Owner:  tbb-team
         Type:  task                      |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:  tbb-security
Actual Points:                            |  Parent ID:
       Points:                            |   Reviewer:
      Sponsor:                            |
------------------------------------------+--------------------------
 Notarization is a technique by Apple to make running apps on macOS more
 secure. There are numerous parts to this and one can find more
 details about that on:

 https://developer.apple.com/documentation/security/notarizing_your_app_before_distribution

 Mozilla is tracking the work in:

 https://bugzilla.mozilla.org/show_bug.cgi?id=1470607

 and there are a bunch of large pieces that still need to get solved on
 their side, like enabling the Hardened Runtime and building with the 10.14
 SDK.

 However, at some point in the future apps won't run without that anymore
 and the potential changes we need to make are probably considerable. Thus,
 we should keep an eye on that and start thinking about which pieces of our
 signing infrastructure need to get adapted. Questions could be:

 1) Is it still enough to sign the builds on a 10.9 machine?
 2) How do we integrate sending the apps to Apple to get their blessing
 into our release process?
 3) How does that system work with our plan to get rid of the Apple signing
 machine and do the signing on Linux? (see: #29815)

 I don't see this being relevant for ESR 68 but it might become so during
 the transition to the ESR after that one (or for the regular release train
 in case we'll start following that one instead).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/30126>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online