Re: [tor-dev] Apple App Store Redux

2013-11-17 Thread Ralf-Philipp Weinmann
On Sun, Nov 17, 2013 at 09:15:58AM +, Georg Koppen wrote:
> Erinn Clark:
> > I am at this point in favor of signing OSX packages with their codesigning but
>
> How is this supposed to work with Gitian?

I don't see the problem. You can still verify the output of your Gitian build
against the signed version. After all, signing an app just adds an
LC_CODE_SIGNATURE load command plus associated data to your Mach-O files and a
Contents/_CodeSignature/CodeResources for the resources to your app bundle. To
verify you can simply remove both using command line tools and compare the
signed version against the local Gitian build process output.

Cheers,
Ralf
___
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
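
The comparison described in the message above, as an added example that is not part of the original post or of any Tor or Gitian tooling: instead of stripping the signature with command line tools, it locates LC_CODE_SIGNATURE and compares the file contents between the load commands and the signature blob. It assumes thin, little-endian, 64-bit Mach-O files, does not compare the header or load commands themselves (those change when a file is signed) or CodeResources, and `make_sample` builds constructed test input, not a real binary.

```python
import struct

MH_MAGIC_64 = 0xFEEDFACF       # thin, little-endian, 64-bit Mach-O
LC_CODE_SIGNATURE = 0x1D
HEADER_SIZE = 32               # sizeof(struct mach_header_64)

def load_commands(data):
    """Yield (cmd, offset, cmdsize) for every load command."""
    magic, ncmds, sizeofcmds = struct.unpack_from("<I12x2I", data, 0)
    if magic != MH_MAGIC_64:
        raise ValueError("not a thin little-endian 64-bit Mach-O")
    off = HEADER_SIZE
    for _ in range(ncmds):
        cmd, size = struct.unpack_from("<2I", data, off)
        if size < 8 or off + size > HEADER_SIZE + sizeofcmds:
            raise ValueError("malformed load command")
        yield cmd, off, size
        off += size

def signature_range(data):
    """Return (dataoff, datasize) of the signature blob, or None if unsigned."""
    for cmd, off, _ in load_commands(data):
        if cmd == LC_CODE_SIGNATURE:
            return struct.unpack_from("<2I", data, off + 8)
    return None

def same_apart_from_signature(signed, unsigned):
    """Compare file contents between the load commands and the signature blob."""
    sig = signature_range(signed)
    if sig is None or signature_range(unsigned) is not None:
        raise ValueError("expected one signed and one unsigned file")
    dataoff, datasize = sig
    if dataoff + datasize > len(signed) or len(unsigned) > dataoff:
        return False
    start = HEADER_SIZE + struct.unpack_from("<I", signed, 20)[0]
    # Assumption: the signer only zero-pads the content before appending the blob.
    padded = unsigned + bytes(dataoff - len(unsigned))
    return signed[start:dataoff] == padded[start:dataoff]

def make_sample(body, blob=None):
    """Constructed minimal Mach-O-like file with one dummy LC_UUID command."""
    cmds = struct.pack("<2I16s", 0x1B, 24, b"constructed-uuid")
    if blob is not None:
        dataoff = (128 + len(body) + 15) & ~15
        cmds += struct.pack("<4I", LC_CODE_SIGNATURE, 16, dataoff, len(blob))
    hdr = struct.pack("<8I", MH_MAGIC_64, 0x01000007, 3, 2,
                      1 + (blob is not None), len(cmds), 0, 0)
    out = (hdr + cmds).ljust(128, b"\0") + body
    return out if blob is None else out.ljust(dataoff, b"\0") + blob
```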


Re: [tor-dev] Proposal 195: TLS certificate normalization for Tor 0.2.4.x

2012-03-10 Thread Ralf-Philipp Weinmann

On Mar 10, 2012, at 2:18 AM, George Kadianakis wrote:
 
> IIRC stateless TLS session resumption does not require keeping key
> material. The required key material are all stored on the client side.

You're thinking of this RFC5077 or its predecessor RFC4507, which only became 
implemented in OpenSSL 0.9.9 
(http://rt.openssl.org/Ticket/Display.html?id=1574). The usual way to achieve 
session resumption before that was to keep around (cache) symmetric key data 
for a predefined period of time. Trouble is that many unixoid OS distributions 
still ship with a system OpenSSL version  0.9.9.

Cheers,
Ralf