Re: [tor-bugs] #19481 [Applications/Tor Browser]: Change app.update.url to point to aus1.tpo

2016-11-10 Thread Tor Bug Tracker & Wiki
#19481: Change app.update.url to point to aus1.tpo
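--------------------------------------+------------------------------
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  task                      |         Status:  closed
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:  fixed
 Keywords:  TorBrowserTeam201611R     |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+------------------------------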
Changes (by gk):

 * status:  needs_review => closed
 * resolution:   => fixed


Comment:

 We have HPKP for aus1.tpo now. Thus, let's try this switch in the next
 alpha. We might be able to get something even better before 6.5 gets
 stable. Commit 74af032f2b07b8106b216a240c175d163634d89d on
 tor-browser-45.4.0esr-6.5-1 has the fix.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
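
The distinction the thread turns on, as an added example (not code from the ticket or from Tor Browser): an HPKP pin (RFC 7469) hashes the certificate's SubjectPublicKeyInfo, so it survives a 90-day reissuance that keeps the key pair, while a hash of the whole certificate does not. The host name `updates.example`, the self-signed certificates and all function names are constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// NewKey returns a fresh P-256 key pair (constructed for this example).
func NewKey() *ecdsa.PrivateKey { return must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) }

// Pin is base64(SHA-256(b)): the RFC 7469 pin-sha256 when b is the DER SubjectPublicKeyInfo.
func Pin(b []byte) string {
	sum := sha256.Sum256(b)
	return base64.StdEncoding.EncodeToString(sum[:])
}

// issue self-signs a 90-day certificate, a stand-in for one issued by a CA.
func issue(key *ecdsa.PrivateKey, serial int64, from time.Time) *x509.Certificate {
	t := &x509.Certificate{
		SerialNumber: big.NewInt(serial), DNSNames: []string{"updates.example"}, // hypothetical host
		NotBefore: from, NotAfter: from.Add(90 * 24 * time.Hour),
	}
	return must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, t, t, &key.PublicKey, key))))
}

// Renewal reports whether cert A's SPKI pin and whole-cert hash still match its successor B.
func Renewal(oldKey, newKey *ecdsa.PrivateKey) (spkiHolds, certHolds bool) {
	a, b := issue(oldKey, 1, time.Now()), issue(newKey, 2, time.Now().AddDate(0, 0, 60))
	return Pin(a.RawSubjectPublicKeyInfo) == Pin(b.RawSubjectPublicKeyInfo), Pin(a.Raw) == Pin(b.Raw)
}

func main() {
	k := NewKey()
	fmt.Println(Renewal(k, k))        // renewal that keeps the key pair
	fmt.Println(Renewal(k, NewKey())) // renewal with a new key pair
}
```

A pin set that includes the issuing CA's key, or a backup key held offline, keeps validating when the leaf key is rotated.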

Re: [tor-bugs] #19481 [Applications/Tor Browser]: Change app.update.url to point to aus1.tpo

2016-10-10 Thread Tor Bug Tracker & Wiki
#19481: Change app.update.url to point to aus1.tpo
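--------------------------------------+------------------------------
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  task                      |         Status:  needs_review
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  TorBrowserTeam201610R     |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+------------------------------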

Comment (by mcs):

 Replying to [comment:11 bugzilla]:
 > FYI: https://bugzilla.mozilla.org/show_bug.cgi?id=1151485
 > ESR52: https://bugzilla.mozilla.org/show_bug.cgi?id=1182352

 We already removed the updater-specific cert pinning. See #17442 and
 #18912.


Re: [tor-bugs] #19481 [Applications/Tor Browser]: Change app.update.url to point to aus1.tpo

2016-10-09 Thread Tor Bug Tracker & Wiki
#19481: Change app.update.url to point to aus1.tpo
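--------------------------------------+------------------------------
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  task                      |         Status:  needs_review
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  TorBrowserTeam201610R     |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+------------------------------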

Comment (by bugzilla):

 FYI: https://bugzilla.mozilla.org/show_bug.cgi?id=1151485
 ESR52: https://bugzilla.mozilla.org/show_bug.cgi?id=1182352


Re: [tor-bugs] #19481 [Applications/Tor Browser]: Change app.update.url to point to aus1.tpo

2016-10-06 Thread Tor Bug Tracker & Wiki
#19481: Change app.update.url to point to aus1.tpo
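--------------------------------------+------------------------------
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  task                      |         Status:  needs_review
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  TorBrowserTeam201610R     |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+------------------------------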

Comment (by bugzilla):

 On topic:
 > We should point to the new location for our xml files
 You should check that even if you put your xml files directly on NSA
 server, your updater will apply the intended updates only.

 Off topic:
 Replying to [comment:3 gk]:
 > weasel said there is no key pinning for aus1.tpo nor for cdn.tpo right
 > now. It might come in the future.
 weasel AFAIK is responsible for server side where only HPKP is available
 and not used. But should?

 Replying to [comment:7 yawning]:
 > This shouldn't be done at all till it's possible to pin the cert chain
 > for aus1.tpo over a prolonged period of time (not the rather short 3
 > months imposed by the Let's Encrypt cert lifespan).
 Usually only CA certs are pinned (on Mozilla side too), chain can't be
 pinned. If you are going to pin your 3 mo cert itself (which is best for
 security as it fully "breaks" PKI), then it's better to develop strong
 policy for your whole infrastructure support (instead of PKI) at
 first, or you will end with a disaster worse than Mozilla has had
 recently.
 > While the scope of potential problems from not doing so should be
 > limited to adversaries withholding updates (since the MARs are signed),
 > that feels suboptimal.
 The scope of potential problems is limited to: some adversary could
 prevent TBB from updating (if there are no holes in the process of
 checking signed MARs).


Re: [tor-bugs] #19481 [Applications/Tor Browser]: Change app.update.url to point to aus1.tpo

2016-09-20 Thread Tor Bug Tracker & Wiki
#19481: Change app.update.url to point to aus1.tpo
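--------------------------------------+------------------------------
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  task                      |         Status:  needs_review
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  TorBrowserTeam201609R     |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+------------------------------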

Comment (by gk):

 Replying to [comment:7 yawning]:
 > Replying to [comment:3 gk]:
 > > weasel said there is no key pinning for aus1.tpo nor for cdn.tpo right
 > > now. It might come in the future.
 >
 > This shouldn't be done at all till it's possible to pin the cert chain
 > for aus1.tpo over a prolonged period of time (not the rather short 3
 > months imposed by the Let's Encrypt cert lifespan).
 >
 > While the scope of potential problems from not doing so should be
 > limited to adversaries withholding updates (since the MARs are signed),
 > that feels suboptimal.

 I've created #20180 for aus1.tpo and cdn.tpo pinning.


Re: [tor-bugs] #19481 [Applications/Tor Browser]: Change app.update.url to point to aus1.tpo

2016-09-19 Thread Tor Bug Tracker & Wiki
#19481: Change app.update.url to point to aus1.tpo
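--------------------------------------+------------------------------
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  task                      |         Status:  needs_review
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  TorBrowserTeam201609R     |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+------------------------------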

Comment (by yawning):

 Replying to [comment:3 gk]:
 > weasel said there is no key pinning for aus1.tpo nor for cdn.tpo right
 > now. It might come in the future.

 This shouldn't be done at all till it's possible to pin the cert chain for
 aus1.tpo over a prolonged period of time (not the rather short 3 months
 imposed by the Let's Encrypt cert lifespan).

 While the scope of potential problems from not doing so should be limited
 to adversaries withholding updates (since the MARs are signed), that feels
 suboptimal.


Re: [tor-bugs] #19481 [Applications/Tor Browser]: Change app.update.url to point to aus1.tpo

2016-06-27 Thread Tor Bug Tracker & Wiki
#19481: Change app.update.url to point to aus1.tpo
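--------------------------------------+------------------------------
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  task                      |         Status:  needs_review
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  TorBrowserTeam201606R     |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+------------------------------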

Comment (by gk):

 Replying to [comment:1 mcs]:
 > Here is a patch for the browser:
 > https://gitweb.torproject.org/user/brade/tor-browser.git/commit/?h=bug19481-01=0df39cf9448b523421db8f66d300b2586613d004
 >
 > Is this all we need to do? What about key pinning for aus1.tpo and
 > cdn.tpo?

 weasel said there is no key pinning for aus1.tpo nor for cdn.tpo right
 now. It might come in the future.


Re: [tor-bugs] #19481 [Applications/Tor Browser]: Change app.update.url to point to aus1.tpo

2016-06-27 Thread Tor Bug Tracker & Wiki
#19481: Change app.update.url to point to aus1.tpo
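--------------------------------------+------------------------------
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  task                      |         Status:  needs_review
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:  TorBrowserTeam201606R     |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+------------------------------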
Changes (by gk):

 * keywords:   => TorBrowserTeam201606R



Re: [tor-bugs] #19481 [Applications/Tor Browser]: Change app.update.url to point to aus1.tpo

2016-06-23 Thread Tor Bug Tracker & Wiki
#19481: Change app.update.url to point to aus1.tpo
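--------------------------------------+------------------------------
 Reporter:  gk                        |          Owner:  tbb-team
     Type:  task                      |         Status:  needs_review
 Priority:  Medium                    |      Milestone:
Component:  Applications/Tor Browser  |        Version:
 Severity:  Normal                    |     Resolution:
 Keywords:                            |  Actual Points:
Parent ID:                            |         Points:
 Reviewer:                            |        Sponsor:
--------------------------------------+------------------------------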
Changes (by mcs):

 * status:  new => needs_review


Comment:

 Here is a patch for the browser:
 https://gitweb.torproject.org/user/brade/tor-browser.git/commit/?h=bug19481-01=0df39cf9448b523421db8f66d300b2586613d004

 Is this all we need to do? What about key pinning for aus1.tpo and
 cdn.tpo?
