[tor-bugs] #18925 [User Experience/Website]: Add instructions for removing the code signing parts of OS X bundles
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue May 31 12:12:25 UTC 2016
#18925: Add instructions for removing the code signing parts of OS X bundles
-------------------------------------+--------------------------
Reporter: gk | Owner: tbb-team
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: User Experience/Website | Version:
Severity: Normal | Resolution:
Keywords: TorBrowserTeam201605 | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------+--------------------------
Comment (by gk):
I've thought about this a bit and here are the requirements I came up
with:
1) We should build .dmg files as we are doing now for our QA. One idea was
to create .dmg files only after signing the packages to make the whole
process less burdensome. But that would leave us without testing the step
where users get Tor Browser out of the .dmg container on their computer.
2) We have scripts for checking the Authenticode signatures and the MAR
files signatures to make sure we did not miss a file while signing and
stripping the signatures is reproducible. We should have a script for
checking signed .dmg files as well.
3) We should provide instructions for removing code signing parts *on* OS
X systems as well.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18925#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list