[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] TBB Gentoo ebuild

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] TBB Gentoo ebuild
From: Alessandro Di Federico <ale@xxxxxxxxxxxx>
Date: Sun, 12 Aug 2012 21:36:38 +0200
Cc: poncho@xxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 12 Aug 2012 15:34:08 -0400
Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=clearmind.me; s=dkim; h=Mime-Version:Content-Transfer-Encoding:Content-Type:References:In-Reply-To:Date:Cc:To:From:Subject:Message-ID; bh=Ptey3lQKVW3QzhZlwqefVIjNu6aeB+5dYwMzuSjSCsA=; b=V81qW0zFohxLwbDnLlExafHTHxUot4imaAhQWQmLv0CvwSuB0a9D88M73KvMhnBSBJ5jmIBaMTVsrmRakmtUXtKkhv4JL/jWTTsNcAgWdhfK+KV2UbovuylWqydBi6lnBqzX8xupTB7iheIksrOyVPAGCpzUgr1DvyXf61aCZec=;
In-reply-to: <4E0B21C5-441E-4F38-9CAF-617C08FB6E15@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <iZ4ypQvbZcy06oMaqXrNUzbaqsiPRznEDATkMu_VDfcJKvYUNjHCpCUuycKnWiaWgshci8qkmWnRh-ZvaqU6Kw@xxxxxxxxxxxxxxxxxxxxx> <4E0B21C5-441E-4F38-9CAF-617C08FB6E15@xxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx

On Sun, 2012-08-12 at 15:11 -0400, Mansour Moufid wrote:
> Portage offers no authentication and no confidentiality.

Each file has a SHA-256, SHA-512 and Whirlpool hash associated. This
hashes are in Portage, and if you're a security-aware user (as most of
Gentoo users are) you can get it in a secure way, which means
PGP-signed.

Take a look at the handbook:
http://www.gentoo.org/doc/en/handbook/2008.0/handbook-x86.xml?part=2&chap=3#doc_chap6

Confidentiality is not required, because currently we distribute TBB
patches with portage, so you get them along with all the other Portage
updates as all the Gentoo users. The rest looks like a normal Firefox
installation. The Tor client is fetched through HTTPS.

Ale

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] TBB Gentoo ebuild
  - From: Mansour Moufid

References:
- [tor-dev] TBB Gentoo ebuild
  - From: Alessandro Di Federico
- Re: [tor-dev] TBB Gentoo ebuild
  - From: Mansour Moufid

Prev by Author: [tor-dev] TBB Gentoo ebuild
Next by Author: Re: [tor-dev] TBB Gentoo ebuild
Previous by thread: Re: [tor-dev] TBB Gentoo ebuild
Next by thread: Re: [tor-dev] TBB Gentoo ebuild
Index(es):
- Author
- Thread