[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #25543 [Applications/Tor Browser]: Rebase Tor Browser patches for ESR60
#25543: Rebase Tor Browser patches for ESR60
--------------------------------------------+------------------------------
Reporter: gk | Owner:
| arthuredelstein
Type: task | Status:
| needs_revision
Priority: Very High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution:
Keywords: TorBrowserTeam201805, ff60-esr | Actual Points:
Parent ID: #25741 | Points:
Reviewer: | Sponsor:
--------------------------------------------+------------------------------
Comment (by gk):
Replying to [comment:30 mcs]:
> Replying to [comment:28 gk]:
> > Careful! We need to keep at least one of the MAR signing keys we are
currently shipping. Otherwise it is a bit hard with updates. :)
>
> The new updater needs MAR files in the new format, so I don't see why we
need to keep one of the old signing keys. But it is OK to do so for now.
Aha, yes, I think I was confused in thinking we need ship at least one
know key when doing an update but the important part is rather: the MAR
files need to be *signed* with one known key. So, as long as we sign the
first update using the new MAR format and shipping the new key(s) with a
known key (to the user) we should be good. And as this is a watershed
update we can ship two keys right away not bothering that the update after
the first one is only using new keys. So assuming I got it right this
time, I agree, we can start with two new keys and just leave the previous
MAR key patches out.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25543#comment:32>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs