Opened 8 years ago

Closed 7 years ago

Last modified 5 years ago

#3911 closed defect (duplicate)

begin signing OSX packages the OSX way

Reported by: erinn Owned by: erinn
Priority: High Milestone:
Component: Applications/Tor bundles/installation Version:
Severity: Keywords: gatekeeper
Cc: ioerror Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

We're researching ways to make all of our binaries and packages more verifiably from us. Xcode has the ability to do its own kind of codesigning, which we should investigate more.

http://developer.apple.com/library/mac/documentation/Security/Conceptual/CodeSigningGuide/Introduction/Introduction.html

Child Tickets

Change History (5)

comment:1 Changed 8 years ago by ioerror

I think we should look to get the Tor Browser Bundle into the App store and even though it is really really messed up model, users on the platform may want anonymity systems with a trust path through Apple. Ugh? :)

comment:2 Changed 8 years ago by ioerror

Cc: ioerror added

comment:3 Changed 8 years ago by erinn

I agree. I'm not sure what the licensing requirements are, we may have difficulty distributing a bundle which has multiple types of software from different vendors in it. But we should at least find out what the options are.

comment:4 Changed 7 years ago by erinn

Resolution: duplicate
Status: newclosed

Let's use #6540 for discussion about this, given the new Gatekeeper situation. I'm going to close this one -- if you feel it's a separate discussion please reopen.

comment:5 Changed 5 years ago by dcf

Keywords: gatekeeper added
Note: See TracTickets for help on using tickets.