[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #13379 [Tor Browser]: Sign our MAR files
#13379: Sign our MAR files
-------------------------+-------------------------------------------------
Reporter: | Owner: mcs
mikeperry | Status: needs_review
Type: defect | Milestone:
Priority: major | Version:
Component: Tor | Keywords: tbb-security, TorBrowserTeam201411R
Browser | Parent ID:
Resolution: |
Actual Points: |
Points: |
-------------------------+-------------------------------------------------
Comment (by gk):
Replying to [comment:32 mikeperry]:
> It seems fine to me if we want to hold off until 4.5-alpha-3 for this
for stability and logistical reasons (key management, release delay), but
that said I think a SHA1-based sig is still better than no sig.
That's true but if we start signing with the current code then we get the
additional problem of how to transition the users with a 4.5-alpha-2 to a
later version that has additional signature algorithm support. Might be
not a big deal but I think I'd prefer having the key creation/management
issues properly sorted out (we don't even have them sorted out for the
bundle signatures yet *hint* *hint*) and give the signed updates a bit
more testing.
> Still, to pick from the ones listed in secvfy.c, probably either:
SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE or
SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST.
I have not looked at those algorithms yet but just wanted to add that we
are probably going to use RSA 4096/SHA512 for the packages. Might make
sense to use a comparable security level if it does not cost much.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13379#comment:33>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs