subject:"\[tor\-bugs\] #20189 \[Applications\/Tor Browser\]\: MAR files should be signed with a modern signature algorithm."

Re: [tor-bugs] #20189 [Applications/Tor Browser]: MAR files should be signed with a modern signature algorithm.

2016-09-20 Thread Tor Bug Tracker & Wiki

#20189: MAR files should be signed with a modern signature algorithm.
--+
 Reporter:  yawning   |  Owner:  tbb-team
 Type:  enhancement   | Status:  closed
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal| Resolution:  worksforme
 Keywords:|  Actual Points:
Parent ID:| Points:
 Reviewer:|Sponsor:
--+
Changes (by mcs):

 * status:  new => closed
 * resolution:   => worksforme


Comment:

 Mozilla still has an open bug for this issue
 (https://bugzilla.mozilla.org/show_bug.cgi?id=1105689) but our patched
 implementation uses SHA-512 signatures. See:
 https://gitweb.torproject.org/tor-browser.git/commit/modules/libmar?h=tor-
 browser-45.4.0esr-6.5-1=a1484f47c7a269a0d172a1c9e0c248f9792aeb34

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #20189 [Applications/Tor Browser]: MAR files should be signed with a modern signature algorithm.

2016-09-20 Thread Tor Bug Tracker & Wiki

#20189: MAR files should be signed with a modern signature algorithm.
--+--
 Reporter:  yawning   |  Owner:  tbb-team
 Type:  enhancement   | Status:  new
 Priority:  Medium|  Milestone:
Component:  Applications/Tor Browser  |Version:
 Severity:  Normal|   Keywords:
Actual Points:|  Parent ID:
   Points:|   Reviewer:
  Sponsor:|
--+--
 Mostly theoretical, and may be just a case of out of date upstream
 documentation.

 https://wiki.mozilla.org/Software_Update:MAR
 > 1: RSA-PKCS1-SHA1 (2048 bits / 256 bytes)

 We should patch the MAR related code to add something more suitable to our
 adversary model, though what's used now should be "adequate" for the near
 term future.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #20189 [Applications/Tor Browser]: MAR files should be signed with a modern signature algorithm.

[tor-bugs] #20189 [Applications/Tor Browser]: MAR files should be signed with a modern signature algorithm.

2 matches

Site Navigation

Mail list logo

Footer information