[tor-bugs] #18287 [Applications/Tor Browser]: Use SHA-2 signature for Tor Browser setup executables
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Feb 28 08:56:11 UTC 2019
#18287: Use SHA-2 signature for Tor Browser setup executables
-------------------------------------------------+-------------------------
Reporter: gk | Owner: tbb-
| team
Type: enhancement | Status: closed
Priority: High | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Resolution: fixed
Keywords: tbb-security, TorBrowserTeam201805, | Actual Points:
GeorgKoppen201805 |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by gk):
Replying to [comment:13 cypherpunks]:
> Replying to [comment:12 gk]:
> > Oh, I forgot to add that the timestamping and deterministic signature
stripping is still working as expected.
> and using SHA-1, fwiw. (SHA-2 digest + SHA-2 certificate + SHA-1
timestamp)
Yes, that's solved in #29614.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18287#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list