[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] automatic Tor browser updates



> On 13 Feb 2016, at 10:33 PM, Mirimir <mirimir@xxxxxxxxxx> wrote:
> 
> I can't say that I trust the MAR update protocol as much as
> checking GPG signatures.

In practice, the OpenPGP format used by GPG is unsatisfactory for automatic software updates.  GPG does not provide a library for creating or reading this format, so you'd have to run the signature checking in a child process, along with gpg-agent, intrusive keyring management, and quirky behavior across operating systems.  More trouble than it is worth!

MAR is a refreshingly simple format which uses PKCS1 (RSA-2048 + SHA2 should be in use now) for signatures - the same cryptographic primitives you are likely to use with GPG, but without the OpenPGP format insanity.

> The scrupulous can disable automatic updating, and go old school.


Personally, I believe bugs in the Firefox side of TBB are far more likely to provide exploits than a signed MAR update process, but whatever floats your boat.

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk