Opened 3 years ago

Closed 3 years ago

Last modified 22 months ago

#20589 closed task (fixed)

Create new MAR signing key for Tor Browser

Reported by: gk Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: TorBrowserTeam201701R, GeorgKoppen201701, tbb-no-uplift
Cc: boklm, yawning Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


We want to start with the usual MAR signing key rotation soon. Thus, we should create a new key and embed the related certs into Tor Browser.

Child Tickets

Change History (11)

comment:1 Changed 3 years ago by gk

Keywords: GeorgKoppen201612 added; GeorgKoppen201611 removed

Moving my tickets

comment:2 Changed 3 years ago by gk

Keywords: TorBrowserTeam201612 added; TorBrowserTeam201611 removed

Moving tickets to December.

comment:3 Changed 3 years ago by gk

FWIW: We already included a new secondary key earlier this year (#18008). The plan is to move that one into the first position and add a new one as the secondary signing key. This should happen for 7.0a1 and we would test that everything is working within the 7.0 alpha series.

comment:4 Changed 3 years ago by yawning

Cc: yawning added

comment:5 Changed 3 years ago by gk

Keywords: TorBrowserTeam201701 added; TorBrowserTeam201612 removed

Moving our tickets to January 2017

comment:6 Changed 3 years ago by gk

Keywords: GeorgKoppen201701 added; GeorgKoppen201612 removed

comment:7 Changed 3 years ago by gk

Keywords: TorBrowserTeam201701R added; TorBrowserTeam201701 removed
Status: newneeds_review

bug_20589 ( in my public Tor Browser repo has the cert for the new key and the secondary key moved to the first position. Regarding testing I followed a similar strategy as in comment:1:ticket:18008. The binaries for that are in The successful update updates the alpha to a nightly.

Note to self for the next time: Don't try to get it working with a nightly tar.xz. It will fail again, for reasons. :)

comment:8 Changed 3 years ago by mcs

Looks good to me.

comment:9 Changed 3 years ago by gk

Fixed with commit d69306e9517d718a6019b6f4814ef93591185895 on tor-browser-45.6.0esr-6.5-1, thanks.

comment:10 Changed 3 years ago by gk

Resolution: fixed
Status: needs_reviewclosed

comment:11 Changed 22 months ago by arthuredelstein

Keywords: tbb-no-uplift added
Note: See TracTickets for help on using tickets.