[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #18008 [Tor Browser]: Create a new MAR signing key and bake it into Tor Browser
#18008: Create a new MAR signing key and bake it into Tor Browser
-------------------------------------------------+-------------------------
Reporter: gk | Owner: gk
Type: enhancement | Status:
Priority: Medium | needs_review
Component: Tor Browser | Milestone:
Severity: Normal | Version:
Keywords: tbb-security, TorBrowserTeam201601 | Resolution:
GeorgKoppen201601R tbb-5.5 | Actual Points:
Parent ID: | Points:
Sponsor: |
-------------------------------------------------+-------------------------
Changes (by gk):
* status: new => needs_review
* keywords: tbb-security, TorBrowserTeam201601 GeorgKoppen201601 => tbb-
security, TorBrowserTeam201601 GeorgKoppen201601R tbb-5.5
Comment:
Okay, the patch is in bug_18008 (https://gitweb.torproject.org/user/gk
/tor-browser.git/commit/?h=bug_18008). I've tested that using the files
found in https://people.torproject.org/~gk/testbuilds/18008/.
The .tar.xz file has the new key baked in, the *en-US.mar file is
unsigned, the *en-US_oldkey.mar file is signed by the MAR key we want to
replace and the *en-US_newkey.mar file is signed by the new key. The
update contains just a NoScript bump from 2.9 to 2.9.0.2.
I tested this trying to update by extracting the .mar files manually. As
expected applying the first two MAR files fails but applying the one
signed with the new key succeeds. After restart the NoScript version is
bumped to 2.9.0.2.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18008#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs