[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #13407 [Tor bundles/installation]: Transition smoothly away from Erinn's signing key for the coming releases

Subject: Re: [tor-bugs] #13407 [Tor bundles/installation]: Transition smoothly away from Erinn's signing key for the coming releases
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 31 Oct 2014 13:20:19 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 31 Oct 2014 09:20:30 -0400
In-reply-to: <042.ab188aac32885bc36fe785d847bbd904@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <042.ab188aac32885bc36fe785d847bbd904@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#13407: Transition smoothly away from Erinn's signing key for the coming releases
------------------------------------------+--------------------------------
     Reporter:  gk                        |      Owner:  erinn
         Type:  task                      |     Status:  new
     Priority:  normal                    |  Milestone:
    Component:  Tor bundles/installation  |    Version:
   Resolution:                            |   Keywords:  security,
Actual Points:                            |  usability
       Points:                            |  Parent ID:
------------------------------------------+--------------------------------

Comment (by gk):

 As Mike noted today on IRC we are hopefully soon able to ship signed MAR
 files for the updater which means that it might not be worth all the fancy
 efforts in trying to safeguard a role signing key given that we need to
 include that one MAR signing key into our Tor Browser which creates yet
 another single point of failure... (granted I am simplifying a bit given
 the certificate pinning but still...).

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13407#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

References:
- [tor-bugs] #13407 [Tor bundles/installation]: Transition smoothly away from Erinn's signing key for the coming releases
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #3967 [Torbutton]: new identity feature could support ControlSocket
Next by Author: Re: [tor-bugs] #13018 [Tor Browser]: Math routines are OS fingerprintable
Previous by thread: Re: [tor-bugs] #13407 [Tor bundles/installation]: Transition smoothly away from Erinn's signing key for the coming releases
Next by thread: Re: [tor-bugs] #13143 [general]: Complete a first version of Stormy
Index(es):
- Author
- Thread