[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #15864 [Tor Browser]: Differentiate between build and release sha256sums.txt
#15864: Differentiate between build and release sha256sums.txt
-------------------------+-------------------------------------------------
Reporter: | Owner: tbb-team
mikeperry | Status: new
Type: defect | Milestone:
Priority: normal | Version:
Component: Tor | Keywords: tbb-4.5-regression,
Browser | TorBrowserTeam201505, tbb-usability
Resolution: | Parent ID:
Actual Points: |
Points: |
-------------------------+-------------------------------------------------
Comment (by proper):
Deprecation of sha256sums files is bad. Breaks Tor Browser downloaders
such as torbrowser-launcher and worsens security.
sha256sum files helped to authenticate filenames... Because...
GPG signatures do not authenticate filenames: #2340
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15864#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs