Re: [tor-bugs] #13379 [Tor Browser]: Sign our MAR files

["Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>]

#13379: Sign our MAR files
-------------------------+-------------------------------------------------
     Reporter:           |      Owner:  mcs
  mikeperry              |     Status:  needs_review
         Type:  defect   |  Milestone:
     Priority:  major    |    Version:
    Component:  Tor      |   Keywords:  tbb-security, TorBrowserTeam201411R
  Browser                |  Parent ID:
   Resolution:           |
Actual Points:           |
       Points:           |
-------------------------+-------------------------------------------------

Comment (by mcs):

 Replying to gk's [comment:22 comment:22]:
 > That one looks good. Nit: s/so we have can/so we can/ in signmar.sh.

 Fixed.  Please use this new commit:
 https://gitweb.torproject.org/user/brade/tor-browser-
 bundle.git/commit/14dc9d97f52daee6f3fed33735b89f13977a6215

 Replying to gk's [comment:24 comment:24]:
 > Oh, I forgot one nit:
 > {{{
 >   // On Windows we rely on CyrptoAPI to do verifications so we don't
 need to
 >    // initialize NSS at all there.
 > }}}
 > This (in updater.cpp) is a bit misleading as we rely on NSS on all
 platforms. Might be confusing for people reading our code.

 To be safe, I rewrote that comment.  Please use this (new) branch:
 https://gitweb.torproject.org/user/brade/tor-
 browser.git/shortlog/refs/heads/bug13379-02
 I did not commit any test certs. there, so you can just merge the whole
 thing, i.e., take the most recent 4 commits.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13379#comment:28>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs