Opened 10 months ago

Last modified 4 weeks ago

#31294 assigned task

Sign Tor Browser releases with an OpenPGP tool that includes Issuer Fingerprint subpackets

Reported by: boklm Owned by: gk
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords: tbb-sign, TorBrowserTeamTriaged, GeorgKoppen202005
Cc: dkg, tbb-team Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


#31292 has details about the issue. This ticket is for the Tor Browser signatures, while #31292 is for the Tor source tarballs signatures.

Child Tickets

Change History (6)

comment:1 Changed 10 months ago by gk

Hrm, seems we need a newer GnuPG version on our signing machine... :(

comment:2 Changed 9 months ago by dkg

I don't know what your signing machine is running, but over in #31292, nickm suggests that on some older version of fedora, gpg is just the 1.4 series, while gpg2 is the more modern version. Perhaps you just need to invoke it as gpg2?

comment:3 Changed 7 months ago by gk

Keywords: tbb-sign added

comment:4 Changed 6 months ago by sysrqb

Keywords: TorBrowserTeamTriaged added

comment:5 Changed 4 months ago by gk

Cc: tbb-team added
Keywords: GeorgKoppen202004 added
Owner: changed from tbb-team to gk
Status: newassigned

Let's revisit that during our work on #33169.

comment:6 Changed 4 weeks ago by gk

Keywords: GeorgKoppen202005 added; GeorgKoppen202004 removed

Moving my tickets to May.

Note: See TracTickets for help on using tickets.