[tor-bugs] #11300 [Tor Sysadmin Team]: Find a secure signing machine for TBB signing
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon May 25 13:49:59 UTC 2015
#11300: Find a secure signing machine for TBB signing
-----------------------------------+--------------------
Reporter: mikeperry | Owner:
Type: task | Status: closed
Priority: normal | Milestone:
Component: Tor Sysadmin Team | Version:
Resolution: not a bug | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------------+--------------------
Changes (by gk):
* status: assigned => closed
* resolution: => not a bug
Comment:
Replying to [comment:15 ln5]:
> SUNET is happy to either host a signing machine using the DigiCert
thingie for signing or, if possible, put keys into an existing HSM system.
>
> For the first alternative, I need to go buy two RPI:s, pick a
distribution and install it. I've secured physical hosting space in a
place that I have access to and knowledge about who enters.
>
> For the second alternative, someone needs to either make a new request
for a signing key or find out a way of (wrapping and) exporting the key
from the DigiCert token.
>
> Let me know which one is preferred.
Thanks for the offer. I think going with option 1 sounds good to me. I'll
take to you about the details once we are about to actually make real
progress on the signing machine idea. We have to solve #15538 first one
way or another. Anyway, the sysadmin team is not needed at the moment.
Thus, closing for now.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11300#comment:17>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list