On 07/07/2014 08:09 AM, Jeff Beach wrote: > Resend. 1. Jacob was the one who added your website. :) 2. You can remove yourself at https://lists.eff.org/mailman/listinfo/https-everywhere. I'm not a list admin, so I'm not able to remove you.
-Yan > > > -------- Original Message -------- > Subject: [email protected] can be removed from the HTTPS > everywhere mailing list. > Date: Tue, 17 Jun 2014 16:57:58 +0700 > From: Jeff Beach <[email protected]> > Organization: New York Casual > To: [email protected] > > > > I had originally joined the HTTPS everywhere list to try to get my > ecommerce website included...but subsequently found out that this was a > highly technical discussion which was not reasonably suitable for my > needs. Fortunately, a kind person on the list generously helped me out > by including www.newyorkcasual.com on HTTPS everywhere; I very much > wanted to thank them, but inadvertently had deleted their email...now I > have no way to thank them. > > At any rate, I think it's probably OK at this time to remove > [email protected] from the HTTPS everywhere mailing list. I > appreciate the help and will spread the word about HTTPS Everywhere. > > > *Thank you,* > > / / > > *Jeff Beach* > > Founder & CEO > > * * > > ** > > * * > > *New York Casual LLC*** > > *4348 Covey Ct.* > > *Grand Blanc, MI 48439* > > ** > > *www.newyorkcasual.com <http://www.newyorkcasual.com>* > > * * > > On 7/7/2014 10:05 PM, Yan Zhu wrote: >> On 07/07/2014 06:31 AM, Yan Zhu wrote: >>> On 07/04/2014 06:57 PM, Red wrote: >>>> On 2014-07-04, 3:57 PM, Yan Zhu wrote: >>>>> One idea is to look through the signing code from Uhura (command line >>>>> signing utility for Mozilla extensions): >>>>> http://www.softlights.net/download.html. This should make the correct >>>>> signature format, since we use it to generate the signature field in >>>>> update.rdf for HTTPS Everywhere. >>>>> >>>>> Actually, it looks like what you want is lines 148-187 in the Linux >>>>> Uhura script. >>>> I appreciate the suggestion! >>>> >>>> I found that Uhura also uses `openssl dgst` to sign data, which is what >>>> I have been using more recently. The script also, however, explicitly >>>> specifies the use of the "-binary" flag, which appears to be the default >>>> behavior. Just to be sure, I tried signing and then base64-encoding the >>>> signature of the digest of update.json, but in both cases I ended up >>>> with the same thing. >>>> >>> Have you been doing the weird ASN1 template conversion that Uhura does >>> after generating the signature? I think that part is crucial. >>> >>> You can either port the Uhura script from Perl (ugh) to something more >>> sane that takes a generic string or file as input, or you can maybe use >>> this tool that someone wrote: >>> http://dxr.mozilla.org/mozilla-central/source/security/nss/cmd/pk1sign/pk1sign.c >>> >>> Found the latter via https://bugzilla.mozilla.org/show_bug.cgi?id=685852 >> I managed to get your test case to pass using a public key and signature >> generated via nss-tools. Patch attached so you can check that it works >> for you as well. >> >> The process was somewhat convoluted and perhaps infeasible in production >> (no way to install nss-tools on an airgapped machine), but here is a >> gist of how I did it: >> https://gist.github.com/diracdeltas/39d48e315d4ce1a67b83. >> >> It would be useful if you could make a python/shell/perl script based on >> Uhura or pk1sign.c that takes an OpenSSL-generated RSA key and a hash as >> input and outputs the signature. >> >>> >>> >>> >>> _______________________________________________ >>> HTTPS-Everywhere mailing list >>> [email protected] >>> https://lists.eff.org/mailman/listinfo/https-everywhere >>> >> >> >> >> _______________________________________________ >> HTTPS-Everywhere mailing list >> [email protected] >> https://lists.eff.org/mailman/listinfo/https-everywhere > > > > _______________________________________________ > HTTPS-Everywhere mailing list > [email protected] > https://lists.eff.org/mailman/listinfo/https-everywhere > -- Yan Zhu <[email protected]>, <[email protected]> Staff Technologist Electronic Frontier Foundation https://www.eff.org 815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x134
signature.asc
Description: OpenPGP digital signature
_______________________________________________ HTTPS-Everywhere mailing list [email protected] https://lists.eff.org/mailman/listinfo/https-everywhere
