#20189: MAR files should be signed with a modern signature algorithm. ------------------------------------------+---------------------- Reporter: yawning | Owner: tbb-team Type: enhancement | Status: new Priority: Medium | Milestone: Component: Applications/Tor Browser | Version: Severity: Normal | Keywords: Actual Points: | Parent ID: Points: | Reviewer: Sponsor: | ------------------------------------------+---------------------- Mostly theoretical, and may be just a case of out of date upstream documentation.
https://wiki.mozilla.org/Software_Update:MAR > 1: RSA-PKCS1-SHA1 (2048 bits / 256 bytes) We should patch the MAR related code to add something more suitable to our adversary model, though what's used now should be "adequate" for the near term future. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20189> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online _______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs