[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #25435 [Applications/rbm]: keyring/binutils.gpg modified by `make alpha`
#25435: keyring/binutils.gpg modified by `make alpha`
-------------------------------------------------+-------------------------
Reporter: dcf | Owner: boklm
Type: defect | Status:
| needs_review
Priority: Medium | Milestone:
Component: Applications/rbm | Version:
Severity: Normal | Resolution:
Keywords: tbb-rbm, boklm201803, | Actual Points:
TorBrowserTeam201803R |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Changes (by boklm):
* keywords: tbb-rbm => tbb-rbm, boklm201803, TorBrowserTeam201803R
* status: new => needs_review
* cc: tbb-team (added)
* component: Applications/Tor Browser => Applications/rbm
* owner: tbb-team => boklm
Comment:
There is a patch for review in branch `bug_25435`:
https://gitweb.torproject.org/user/boklm/rbm.git/commit/?h=bug_25435&id=ddccb0de3cceee4fc83f4508ad7cf14f3b4461c1
In this patch we add the `--no-auto-check-trustdb` option. At the same
time, we add `--trust-model always` as we are not using the Web of Trust
when using a keyring file.
The `trust-model always` options means:
> Skip key validation and assume that used keys are always fully valid.
You generally won’t use this unless you are using some external validation
scheme. This option also suppresses the "[uncertain]" tag printed with
signature checks when there is no evidence that the user ID is bound to
the key. Note that this trust model still does not allow the use of
expired, revoked, or disabled keys.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25435#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs