
Re: [tor-bugs] #5463 [BridgeDB]: BridgeDB must GPG-sign outgoing mails



#5463: BridgeDB must GPG-sign outgoing mails
-----------------------------+----------------------------
     Reporter:  rransom      |      Owner:  isis
         Type:  enhancement  |     Status:  needs_review
     Priority:  normal       |  Milestone:
    Component:  BridgeDB     |    Version:
   Resolution:               |   Keywords:  bridgegb-email
Actual Points:               |  Parent ID:
       Points:               |
-----------------------------+----------------------------
Changes (by isis):

 * status:  needs_revision => needs_review


Comment:

 This is fixed, and there are unittests for problems encountered, in my
 `fix/5463-7547-7550-8241-11475-11753-email-rewrite`
 [https://gitweb.torproject.org/user/isis/bridgedb.git/shortlog/refs/heads/fix/5463-7547-7550-8241-11475-11753-email-rewrite branch]
 (which
 [https://gitweb.torproject.org/user/isis/bridgedb.git/tree/refs/heads/fix/5463-7547-7550-8241-11475-11753-email-rewrite:/lib/bridgedb/email rewrites the entirety]
 of the old
 `lib/bridgedb/EmailServer.py` module).

 There are additional fixes for the issue where libgpgme was attempting to
 load private keys from the process owner's `$HOME` directory in my
 `fix/5463-gpgme-homedir`
 [https://gitweb.torproject.org/user/isis/bridgedb.git/shortlog/refs/heads/fix/5463-gpgme-homedir branch],
 which is currently based on the
 `fix/5463-7547-7550-8241-11475-11753-email-rewrite` branch and should be
 merged after it. Additionally, since all the strings were changed to be
 (mostly) the same as the ones which are currently in use on the HTTPS
 distributor, there is a `translations/2014-05-07-update`
 [https://gitweb.torproject.org/user/isis/bridgedb.git/shortlog/refs/heads/translations/2014-05-07-update branch]
 which should be merged which updates the gettext `bridgedb.pot`
 file.

 There still is not a mechanism to include the client's email address in
 the signed portion of the message. I'm not exactly sure what adversarial
 behaviours that was intended to protect against.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5463#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs