[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] TBB update mechanism
- To: tor-talk@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [tor-talk] TBB update mechanism
- From: Georg Koppen <gk@xxxxxxxxxxxxxx>
- Date: Mon, 2 Mar 2020 08:58:58 +0100
- Autocrypt: addr=gk@xxxxxxxxxxxxxx; prefer-encrypt=mutual; keydata= mQINBFH3/woBEADHs/Q4t69Vm+mNMW0vH0Ms6HtjpzBsto/yyDAoLitmAxfMIeCuWuyuBdHR krdq9Rk5WQLYtP9eROGkuABK/UaxpLw8zkwkmqbxQ2wxytVwgonOmAFPXvPjzVy+ToJvKWJj tRGFoWwO9OEZ8q6xhVnwLUJXRQF01/XhBhU2RPzzUTHrgiY2bi6Ko34nSM8qAuidykqd/elI wE+kn4+TZ+yBC7pzwUfRK0bOqc05qtq5ooH7rYGpvdOkt9DuoFEjhLrBaL3UiP5J6D9W1Ltv 7Y239RGZyGr0wO5ClhuJwipnw6yWDt493cw4fOy7J1Lbo8dZyU4pnFIgt1Cu506/CvdQ53pR UHhCSIS/IyOiEL9PI/PPByG9UhwNQYk9U22h4MalPwa+4rZ1XA6mf5+T4QQRmghAnegPwyQw qnQzHc2ZPAal+Ill15AncyfIeMfuCLyA/TVWwQTQMzdcVwu3nljBfGOjOSTHOafBqsVlvgEo R9GB9OaTbriP7lCDJmBsgFFZ5F0m6us2pP72TpM0GMYCae7PHk7POhvcE5VJg03E3tjyQUQA zt5ZcpzjZtbcWIoYjxEJMq1Wzj0PYfZYFYZGq2lQx7xJ54gb+RlXEaKiXhDQH+EkrKZHBDWi atMbfkMWiknmn8O7VkuT4LOHsF1I9oJt1VTZ0dx2MVvk2hhs3QARAQABtCBHZW9yZyBLb3Bw ZW4gPGdrQHRvcnByb2plY3Qub3JnPokCOgQTAQgAJAIbAwULCQgHAwUVCgkICwUWAwIBAAIe AQIXgAUCUuzzUQIZAQAKCRCUNzqpS3wyI694D/90P74XiDzioGbNEH37W9P5G6unLUKp/zLf 5Ifosf6ijS5EvhKXpSXAqWu4eSpUh+i72Kr53SvzAIggWjUM61e92xt0bg4+VFaguMh6d9l0 MpDMfRJB+qoRNaDDyGk1VH9ZLBJOpTY59HcIIyg2LIMt1PHk+3npr0MnDfh/5fgyPvFRv9ZK WkKdwD4ImlqGXaxsES2pPk8tn21k7J4N8jzRAYM8oV9cMeeCbMgERilU2sRxNORs55zV6GiD A68lmwY6+OHjaKd0k+Oibs63PrTl1+P4EYBZTlXK9gSSWKiUydVP+2lQoyGVmuH0VpepEcnv zu06g+YU4TiH3f7t1chknGlEm1s872nyZo7Nd+zVDcIa4iklBMpeEsPDB6zRT7KBH+oCw5vK G+Ngjv3AO8hD2RTFHw8oAD8WPBbrOB2C9qSha/XSl7rjxTpqRillP+543xhQncC3b2x+Vk4C wlJdrjOvweMnM4xCEeg03WUeRz6a4Uuh6A9x4WZia+5Y5PrKG4GKPeBbskFdw6N0/10Gk1nF wpS42esKsrvqeltRLPzwFj0FEO+mole3y2f+iR8rJd/rik7AW9PM2YkhiF8kmcyh07GSjcCo qg7AkOJ87Bv2knZ0KYlukY5wBKK/DY55GTLGQ7w6kR/BzMOlKnru1e0+zvyZ4KijODEuaUi1 2bkCDQRdd2fNARAA129/1tcgz/gZRL9duwIxRlrN9VPMGHXs9WPjIIhbZ2xe6jN/ZwuyLIrq fM8MyzMkJYY9oDK6PhzpYkgMt7Z+s/rkFwOduxya4apwOI/gDZ//+eNiKSnXr5KA9rBjk7OF ZWEdT2/Y1u1s84o5SKVEH+N/C0Hum/CNawdldvxaviiF4DxGXi57NUIiI9dW1Gv2Mk7cCHwR Hew6BLLYUC0UyB/0qsZmVpxsu2P22wc0f5DU3ijVBOKlIWy4J49cR57glTB7KqbtZTaCSQpv 9SqamvP/BVyRg1Gk4OLPAC+kxzOWcosWThAUK7T3nlSxKEygQhZmT855l0J/fmsx0zqLL5gW 0vSV7hl6EIShhXUxIY7SZjKkPdzAdCHhAERRq4l2y41k8XEdXo8nYs2j8JaV/NFvM+h7DQOs IRExr7Kshp0gae3k6ZzhWHnm8E+iJKAOmagh43iYZFHb3c10Xg4XRjNoyxETQporYsSIkIzl 8VbtqywFqxfahxWWprePUyQhNhdb7+Xg4B2oAZcIzy15KVLtwgdopcob9KreO7nRFtlu+Wrt msnkkOqzce/XZ62PyFsRtQeaLGxwUSXBzCnpieOpRZWdx5F+c48PzEJoQxRPRbe9gXFaeRtZ erIDv/e8YLYlSkkKNkINGtxo9Olqu3/MzN2R22iCHvQNzh951XUAEQEAAYkCPAQYAQoAJhYh BDXNdMJKmxWhnhqBoZQ3OqlLfDIjBQJdd2fNAhsMBQkB49aAAAoJEJQ3OqlLfDIjQpIP/AlW NB1XFkzPB54vzoXsw9B6j0+4h6KMZKpqi06uATF34j2JMWv+xKhHsSlK3apltjX04VAhhAxQ lc3yfG2B3PfKH/Rw97/NEphNjsgqkwpGs5XWMrXlu+rIObz6rKYHtZ3wePxcGWGOizZ/yfZz Swh6iqjWEo7Q4aF0fQchAa4FY6+emg0nX9lvJMjLYXZcntz4pQ8jHLAsT9H8AH5yOT0BMjgP u72xZ9F77TdFoaoQ2LiBI/BKiN5WuLOP9NzowokRlOdUtC0kDwUzcv6LpR1qHq4d2kXssJUr 7mfVS0+EuT3XQWpNaInbiXgHcPn1C/GbqlTXDFICE5hxM081EpzEbRdneyFlInRNYMOKsiP0 7gEzm6LCG5ZK5xydVS4vCwENBDjYQQe5JpLEvLok3shud35R32muCZpDyJrYMbHQTpJ6pODO +LS1RaK/derXGylK/OT5IxQaAszM8wAMFQvQi+hGAOvF/vCvZ++so34aB258mJIFz7XKJPFO Bgfeqcz9YvrUwl6ZoQmK9t5fzYI3hRuUmRHUBBG3gBARvDTb32f//FEJfJ5nioaMClXw4Hoc jf+0Xa1DYJn/2Utjwr7HHQI6tLMDdI5VNc2L8V2axFjmmV3Sb3pQo1eT1bcNgjyuCht/WYEq CJvi1mOQRh0UKS/WV70ni0jQjlmn53ubuQINBF13aDEBEACwlExNzqrcYFVzkpWC8XKW0E14 sbecwjZGRTU7Eq0aZytEgRvG4ijAz3Bn9Z/tMTdL5a2GzGHhRx1oC9HXAGr5q9Zqz/B2Qyfn slnDN/cO6cKk5hnbIjQuPi5Eg5+oGeKGhClrRbI9OOuK0lm9tlUnAxkdOgmGz1t5FL6F+gWY M8Pam/kvvKJfqmPBtmsqSKW7ERGPZ27jqP7YddfB89UaDF4lsMkX3WTGe1gyL1CU2uFU9L93 FhxPDcUUzSntDjlVau2E7Px5sunnxVUZzM8kuCAJMg0LQ+AfNfrr0L8fOe2Z2cvkDr+efS0f VyA5+wv8svEuiRqY4Rrp5qNDiAvxAzO3y0c6gw9iYYqNnfQ7XbuiW+9Tuhcb+h1DJnR8b4YD VPMrfuga92Y3vdSNo+l3eelcvcGSxmSSZSgdqEZOmr4mJOZmXPNJUzMcdaX4jb1mg26TpntK OkR556Uot4kwfaP0m/aNqlRYergxvjXB7DYBDxWGmcDMnotfEBnTtihSWJruM56p5yddNjiw gbm07jWyJC0kI/r399KgBVXsSqKTDRpagwk3/zbYkIA2/NsENCQxp5zu6BJXdrT6Dy6F36Bc NlodzLRHGmqblZ4zCxoKnE7lmhJjr+mZzsWadyg5HRPDlQYATu4HEsbVYY590G2L9b6volHE 2Rc+T1diJQARAQABiQRyBBgBCgAmFiEENc10wkqbFaGeGoGhlDc6qUt8MiMFAl13aDECGwIF CQHj1oACQAkQlDc6qUt8MiPBdCAEGQEKAB0WIQTUttOn/VUPhD4MgOd+Q4tauRcwPgUCXXdo MQAKCRB+Q4tauRcwPh7/EACpcfyUg3rCO+YC5TO528m2aYLYlEmSsSsf/IFfst1jde0L+yuC klQIvvrylbUCutlG65CktxOAfig6o8DNfO/j4m7PADg1m5tALFKp8yWgUemv7NKc8Jl/3fM0 cgjBY+pu82QKcEmFcY9gt+C0gH5lmfBHdTKdycYJ/7TCbYgoLworKG58g9pNqiYkkBSQY2q/ XywoPrbyhRrsOmcty/uumOnpu9InDKjBxE/c3HmWTTxqr8T5caKrQdNXWkSjv5FzRQC95Ymi oQeorRnWDNSJ4UcmEohvs2m+9uWAPIMgcBKefVsKWxKK0CvZLq/tpjw8bgkpRqHL7fWXwwIF 9jH04psmfiom8pzS0fxqaVmBVUHj0PMqIimg74fUmoeJmhTR18rp+hdB3xPeX7Rq6c6Y8JDI kA7WSLx+kptHQ58YOAg3r14FoRR8mp94gDiEyQwj3bME9laBLSYKWjdkW99M5/BXU/MgaK5Q uQ0V2Dpfr753lnne+u44SS5AMc+WUVvvcwM5WdjdPrioSOotJoZGuGEU63WEHhAPb2DaEa0Z poXZIvFu14V5+0AHLgo5qsJMu2sWDO72kgx/f5bGZgpg0ubivgTmWxtB/1r4+ochKDyAJhol ZzonlhpiOLuve8lDjf2j6u2ztuKcHGDoc3LPuS8n5/KZ1FnNmplpM0TNnmcUD/9g8G2Aj4ah nUB5DJiPab2EZaoe6eufn1slNcPHAhBZyjftOM8iQ58i5HygrG48M9/zF5VQ55kc8etGN6cB L9XXrqZTcB354BcXLjrYe/1Atm3x+OI392WUi22N/BYzmMUDaB0vxh3wDO379TyoC9MAOY41 oG4YddBYQqHS1kO/CjCUlWGaG1qksowSgS1P6mn+6ZF7y90yphvo2CF/9L/eI9UsqLGfywji 97qXwBY6a38Ya2TrHlA/Qn0vepf6aSieV1SlDpFOGfeS1/tkKJgsRFZb91iI4Qz7Mex+dQQn iiG42+OwllkKFmE78MrjrspBON4FTFtrAXKGmPZqHPWFHUmSZAowX6XHK/GaEDX5y8KMcAje annxvwSUEtDtkbw4Zkx/s0uJvY2DisXjui6IybnocBp6GUSnhQRfU8kROkW3oVQ7qGNcqESU WFsBVKu+4s1fMa1KrYVwqG2zQZLQVQucIFPZFUUoEecTqaBLuQn8gxcuDMDo4x7l3KnayHdK t/PQWA08IW+NVgiRB8Nzjtbar1emzlwYd/KCkqoI4OpK+lzpjjijsvrzErTWN4jHTFk8v3pm RwN6Nq/n+uuSh7l66ZzGsI3tkw6TB365bOapmwH+QfcI40MVe0cizdqcCgyL/yyEcz0MZgoS /3KOe0GZ1A2SWewkOuVBNQF6dw==
- Delivered-to: archiver@xxxxxxxx
- Delivery-date: Mon, 02 Mar 2020 02:59:22 -0500
- In-reply-to: <d569dc02b62352fe5cf7304a8d11f455@airmail.cc>
- List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
- List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
- List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
- List-post: <mailto:tor-talk@lists.torproject.org>
- List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
- List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
- References: <d569dc02b62352fe5cf7304a8d11f455@airmail.cc>
- Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
- Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
Hans Vader:
> Dear TOR people,
>
> I have a question regarding the updating mechanism of tor browser from
> within the browser.
> These updates are signed I stronly suppose. I would like to know, does
> checking these signatures depend on external programs like gpg? Is the
> signature verification application for updates part of the browser
> bundle itself?
For updates we essentially use the Firefox updater and, yes, we are
signing the update files.
Firefox and thus Tor Browser comes with its own means to check the
signature[1], there is no external tool required. For more information
about the Firefox update process and the .mar files, which are the
update files the Tor Browser build process produces, see the Mozilla
wiki[2] as a starting point.
Georg
[1] https://wiki.mozilla.org/Software_Update:MAR_Signing_and_Verification
[2] https://wiki.mozilla.org/Software_Update
Attachment:
signature.asc
Description: OpenPGP digital signature
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk