Re: [tor-bugs] #2340 [Tor bundles/installation]: GPG signatures do not authenticate filenames
#2340: GPG signatures do not authenticate filenames
--------------------------------------+-------------------------------------
Reporter: rransom | Owner: rransom
Type: defect | Status: needs_review
Priority: critical | Milestone:
Component: Tor bundles/installation | Version:
Keywords: | Parent:
--------------------------------------+-------------------------------------
Comment(by dkg):
I agree with Sebastian that simplifying and integrating into existing
systems is the right way forward, not to make the verification process
even more complex.

At its core, it sounds like the problem you're facing here is that old
packages have no expiration mechanism so users can realize that they
should look for a newer version.

It seems to me that this is best achieved through a combination of
system-specific cryptographic signatures with embedded expirations (for
dealing with package installation time), and run-time version-checking
against some authoritative server that can declare (in a
cryptographically-secure way) "this version should no longer be run". I
don't much like this kind of "phone home" approach, but as I understand
it, tor already needs to check in with some authoritative servers to find
its way into the network anyhow. If that's the case, maybe those servers
can be re-used for this purpose?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2340#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online