[tor-bugs] #34123 [Internal Services/Tor Sysadmin Team]: Provide secrets/passwords management for Tor Browser Nightly signing
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue May 5 20:24:18 UTC 2020
#34123: Provide secrets/passwords management for Tor Browser Nightly signing
-------------------------------------------------+-------------------------
Reporter:  sysrqb                                | Owner:      tpa
Type:      project                               | Status:     needs_information
Priority:  Medium                                | Milestone:
Component: Internal Services/Tor Sysadmin Team   | Version:
Severity:  Normal                                | Resolution:
Keywords:                                        | Actual Points:
Parent ID:                                       | Points:
Reviewer:                                        | Sponsor:
-------------------------------------------------+-------------------------
Changes (by anarcat):
* status: new => needs_information
Comment:
After a discussion about this on IRC, I am not sure we can help you on
this. As detailed in #29677, we currently have *many* password management
mechanisms. The one that could be exposed on servers (through Puppet)
would be Trocla, as you correctly identified there.
But the way that works is that Trocla holds the secret (or just the hashed
version!) on the puppetmaster and deploys the secret (or just the hash!)
on the nodes. So, in effect, it does not *really* solve your problem
here: what you would need, I suspect, is either a hardware token, or to
manage those secrets on your own.
I'm not sure I understand what you expect TPA to do in this specific case.
I hear, from the IRC discussion, that you are worried about that knowledge
being in only one or two people's heads, but the solution for this is
having clear and reliable documentation, alongside training, which seems
to me to be more a social than a technical problem at this stage.
That said, I am happy to share the burden of storing possible secrets with
the team if you are worried about losing them. We can do that in the TPA
password manager or, if we need automatic generation and management, in
Trocla.
I would definitely need more information about how all this works before
going forward, however, so feel free to detail where I got this wrong or
how things actually work, either here or in private (Nextcloud, encrypted
PGP email or private git repositories all work).
thanks!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/34123#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
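The comment above sketches the Trocla model: the puppetmaster owns a secret store that generates a value on first request, and each node's catalog receives the secret in whatever format the manifest asks for, either a hash or the plaintext. The following Ruby is an added toy model of that pattern, not Trocla's own code or its real API; the `SecretStore` class, the `sha512-salted` format name and the two node names are assumptions made for illustration. It shows why a hash-only deployment does not help a signing host: a login can be verified against a salted hash, but a signing passphrase has to reach the node in the clear, which means the plaintext also lives on the master.

```ruby
require 'securerandom'
require 'digest'

# Toy stand-in for the master-side secret store described in the ticket.
# NOT Trocla's implementation: a constructed model of its behaviour.
class SecretStore
  def initialize
    @plain = {} # key => plaintext; lives only on the master
  end

  # Return the secret under +key+ rendered in +format+, generating it on
  # first use (the "generate if missing" behaviour the ticket relies on).
  def password(key, format, length: 32)
    @plain[key] ||= SecureRandom.alphanumeric(length)
    render(@plain[key], format)
  end

  # Verify a candidate against a rendered 'sha512-salted' value, as a node
  # would when checking a login without ever holding the plaintext.
  def self.verify?(rendered, candidate)
    tag, salt, digest = rendered.split('$').reject(&:empty?)
    return false unless tag == 'sha512'
    Digest::SHA512.hexdigest(salt + candidate) == digest
  end

  private

  # 'sha512-salted' is an assumed format name for this model, not one of
  # Trocla's real formats.
  def render(secret, format)
    case format
    when 'plain'
      secret
    when 'sha512-salted'
      salt = SecureRandom.hex(8)
      "$sha512$#{salt}$#{Digest::SHA512.hexdigest(salt + secret)}"
    else
      raise ArgumentError, "unknown format #{format}"
    end
  end
end

# Simulate catalog compilation for two constructed nodes: a web host that
# only needs a password hash, and a signing host that needs the passphrase
# itself. Node names and paths are illustrative.
def compile_catalogs(store)
  {
    'web01' => {
      '/etc/shadow-entry' => store.password('deploy-user', 'sha512-salted')
    },
    'signer01' => {
      '/home/tb/.signing-passphrase' => store.password('tb-nightly-signing', 'plain')
    }
  }
end

# Does this node's catalog contain the plaintext of +key+?
def leaks_plaintext?(catalog, store, key)
  catalog.values.include?(store.password(key, 'plain'))
end

if __FILE__ == $PROGRAM_NAME
  store = SecretStore.new
  catalogs = compile_catalogs(store)
  catalogs.each do |node, files|
    files.each { |path, value| puts "#{node}: #{path} -> #{value}" }
  end
end
```

Running it prints a hash for `web01` and a bare passphrase for `signer01`; the store object holds the plaintext for both keys regardless of which format was requested, which is the point the comment makes about the puppetmaster.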