Opened 15 months ago

Last modified 5 months ago

#31294 assigned task

Sign Tor Browser releases with an OpenPGP tool that includes Issuer Fingerprint subpackets

Reported by: boklm Owned by: gk
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-sign, TorBrowserTeamTriaged, GeorgKoppen202006
Cc: dkg, tbb-team Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


#31292 has details about the issue. This ticket is for the Tor Browser signatures, while #31292 is for the Tor source tarballs signatures.

Child Tickets

Change History (7)

comment:1 Changed 15 months ago by gk

Hrm, seems we need a newer GnuPG version on our signing machine... :(

comment:2 Changed 14 months ago by dkg

I don't know what your signing machine is running, but over in #31292, nickm suggests that on some older version of fedora, gpg is just the 1.4 series, while gpg2 is the more modern version. Perhaps you just need to invoke it as gpg2?

comment:3 Changed 12 months ago by gk

Keywords: tbb-sign added

comment:4 Changed 11 months ago by sysrqb

Keywords: TorBrowserTeamTriaged added

comment:5 Changed 9 months ago by gk

Cc: tbb-team added
Keywords: GeorgKoppen202004 added
Owner: changed from tbb-team to gk
Status: newassigned

Let's revisit that during our work on #33169.

comment:6 Changed 6 months ago by gk

Keywords: GeorgKoppen202005 added; GeorgKoppen202004 removed

Moving my tickets to May.

comment:7 Changed 5 months ago by gk

Keywords: GeorgKoppen202006 added; GeorgKoppen202005 removed

Moving my tickets.

Note: See TracTickets for help on using tickets.