Opened 5 years ago

Closed 5 years ago

#12623 closed task (fixed)

Deploy our TBB update archives on a secure machine

Reported by: gk Owned by: erinn
Priority: High Milestone:
Component: Applications/Tor Browser Version:
Severity: Keywords: TorBrowserTeam201408D
Cc: mcs, brade, mikeperry, intrigeri Actual Points:
Parent ID: #4234 Points:
Reviewer: Sponsor:

Description

We need a secure hosting of our .mar update archives for the TBBs. One way to make it more secure is pinning attributes of the TLS certificate in Tor Browser itself. There are probably others that should be investigated.

Child Tickets

Change History (8)

comment:1 Changed 5 years ago by intrigeri

Cc: intrigeri added

comment:2 Changed 5 years ago by mcs

Some of the existing Firefox prefs that we can use are:

app.update.cert.requireBuiltIn
app.update.cert.checkAttributes
app.update.certs.1.issuerName
app.update.certs.1.commonName

We should be able to add as many attributes as we want under app.update.certs.1. (but brade and I have only tested with issuerName and commonName which are the ones that Mozilla uses).

See:
prefs: http://mxr.mozilla.org/mozilla-esr24/source/browser/app/profile/firefox.js#92

update manifest onLoad handler: http://mxr.mozilla.org/mozilla-esr24/source/toolkit/mozapps/update/nsUpdateService.js#3370

checkCert from CertUtils.jsm: http://mxr.mozilla.org/mozilla-esr24/source/toolkit/modules/CertUtils.jsm#119

gk -- Do you think these existing mechanisms provide enough flexibility for TBB?
(brade and I think they do)

comment:3 in reply to:  2 Changed 5 years ago by gk

Replying to mcs:

gk -- Do you think these existing mechanisms provide enough flexibility for TBB?
(brade and I think they do)

Yes, I think so, too. Although we need to be careful when pinning the cert(s) attribute(s) to not lock users in case our cert(s) need to get replaced by (a) newer one(s)...

comment:4 Changed 5 years ago by erinn

Keywords: needs-triage added

comment:5 Changed 5 years ago by erinn

Component: Tor bundles/installationTor Browser
Keywords: needs-triage removed
Owner: changed from erinn to tbb-team

comment:6 Changed 5 years ago by mikeperry

Keywords: TorBrowserTeam201408D added

comment:7 Changed 5 years ago by mikeperry

Owner: changed from tbb-team to erinn
Status: newassigned

comment:8 Changed 5 years ago by mikeperry

Resolution: fixed
Status: assignedclosed

Ok, we're going to go with www for this.

Note: See TracTickets for help on using tickets.