[tor-talk] Unsigned Mac OS X binary for TorBrowser
andrew at torproject.is
andrew at torproject.is
Sat Nov 10 01:40:12 UTC 2012
On Fri, Nov 09, 2012 at 06:05:58PM -0500, mfisch at mfisch.com wrote 1.0K bytes in 18 lines about:
: TorProject should be registered as an Apple software developer, and the binary should be signed, both to increase credibility of the torproject and the safety of users.
No. The last time we reviewed the Apple Developer Agreement it is hostile
to Tor as an organization. We at Tor cannot sign Apple's ToS/Agreements
to use their systems. You are forced to give up all legal rights to
Apple and they have final say. I just tried to view the agreement again,
and I cannot do so without a valid ADP account.
In discussions with Apple, it comes down the facts that we cannot edit
their agreement, and take it or leave it as it is. It's clear developer
do not read these agreements, or do not understand them, or don't care
because they are distracted by the potential money they can make in
the Apple App Store.
For legal protection, we may have to create a subsidiary to sign these
agreements.
I expect the same issues with the Microsoft authenticode/developer
programs.
Here's an opportunity for an Apple development company to sign a
certification deal with us to get Tor Browser or something into the
Apple and Microsoft gatekeeper storefronts.
: Please wish-list this, I didn't see a bug reporting interface at first glance. Understand there may be fees associated with developer registration.
https://bugs.torproject.org.
--
Andrew
http://tpo.is/contact
pgp 0x6B4D6475
More information about the tor-talk
mailing list