[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #8689 [Tor Sysadmin Team]: Periodically verify signatures in /dist



#8689: Periodically verify signatures in /dist
-------------------------------+--------------------------------------------
 Reporter:  mo                 |          Owner:     
     Type:  defect             |         Status:  new
 Priority:  normal             |      Milestone:     
Component:  Tor Sysadmin Team  |        Version:     
 Keywords:                     |         Parent:     
   Points:                     |   Actualpoints:     
-------------------------------+--------------------------------------------
 Give the recent bad signatures of some files in /dist that only came to
 light after a user emailed helpdesk, I wrote a bash script that I now run
 periodically on my dist mirror to verify the signatures. I think it's not
 a bad idea to run it on tpo.org as well.

 As first argument, it takes the path to /dist. It uses a local independent
 public keyring I update from time to time. That path must be customized in
 the script.

 It currently excludes /dist/manual because that contains unsigned copies
 of the user manual.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8689>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs