Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Greg Norcie
Maybe crosspost to Libtech? A lot of EFF people read there, and there's a lot of people with a legal/policy background who could give some good insights. -- Greg Norcie (g...@norcie.com) GPG key: 0x1B873635 On 11/10/12 11:30 AM, Matthew Fisch wrote: > I think the idea of getting an organization

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Matthew Fisch
I think the idea of getting an organization such as the EFF (with credibility Apple couldn't afford to deny) to sign off on the binaries sounds like the only plausible solution -- though I understand the politics of this aren't exactly trivial. I didn't realize legal kung-fu was necessary when y

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Fabio Pietrosanti (naif)
On 11/10/12 1:19 PM, adrelanos wrote: > If you want you can register as "me" representing Tor Project (i've no > relationship with Tor Project Inc), with my personal credit card, in > clear violation of ADP (i don't care that much). > Not sure if that is legal, what the consequences (probable not t

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Fabio Pietrosanti (naif)
On 11/10/12 12:49 PM, Peter Tonoli wrote: > > On 10/11/12 6:49 PM, Fabio Pietrosanti (naif) wrote > > > Whatever apple would try to do against Tor Project, Apple will have to > > sue me or ask me their rights! :P > Or they could just revoke your developer certificate, and cause a lot of > grief for

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread adrelanos
Peter Tonoli: > > On 10/11/12 11:02 PM, Roman Mamedov wrote: >> On Fri, 9 Nov 2012 18:05:58 -0500 >> Matthew Fisch wrote: > >>> The installer can be verified with PGP using the published signature > and GPG or PGP software. >>> This however, is beyond the technical prowess of the vast majority o

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Peter Tonoli
On 10/11/12 11:02 PM, Roman Mamedov wrote: > On Fri, 9 Nov 2012 18:05:58 -0500 > Matthew Fisch wrote: > >> The installer can be verified with PGP using the published signature and GPG or PGP software. >> This however, is beyond the technical prowes

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread adrelanos
Roman Mamedov: > On Fri, 9 Nov 2012 18:05:58 -0500 > Matthew Fisch wrote: > >> The installer can be verified with PGP using the published signature and GPG >> or PGP software. >> This however, is beyond the technical prowess of the vast majority of Mac OS >> X users of the torbrowser bundle. >

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread adrelanos
Fabio Pietrosanti (naif): > On 11/10/12 2:40 AM, and...@torproject.is wrote: >> On Fri, Nov 09, 2012 at 06:05:58PM -0500, mfi...@mfisch.com wrote 1.0K bytes >> in 18 lines about: >> : TorProject should be registered as an Apple software developer, and the >> binary should be signed, both to incre

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Roman Mamedov
On Fri, 9 Nov 2012 18:05:58 -0500 Matthew Fisch wrote: > The installer can be verified with PGP using the published signature and GPG > or PGP software. > This however, is beyond the technical prowess of the vast majority of Mac OS > X users of the torbrowser bundle. Well maybe those users nee

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Peter Tonoli
On 10/11/12 6:49 PM, Fabio Pietrosanti (naif) wrote > > Whatever apple would try to do against Tor Project, Apple will have to > sue me or ask me their rights! :P Or they could just revoke your developer certificate, and cause a lot of grief for the

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-10 Thread Fabio Pietrosanti (naif)
On 11/10/12 2:40 AM, and...@torproject.is wrote: > On Fri, Nov 09, 2012 at 06:05:58PM -0500, mfi...@mfisch.com wrote 1.0K bytes > in 18 lines about: > : TorProject should be registered as an Apple software developer, and the > binary should be signed, both to increase credibility of the torprojec

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-09 Thread andrew
On Fri, Nov 09, 2012 at 06:05:58PM -0500, mfi...@mfisch.com wrote 1.0K bytes in 18 lines about: : TorProject should be registered as an Apple software developer, and the binary should be signed, both to increase credibility of the torproject and the safety of users. No. The last time we reviewe

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-09 Thread Jacob Appelbaum
Greg Norcie: > I guess it comes down to risk calculus: > > Which has a worse outcome: training users to ignore security warnings > from OSX, or the chilling effects an Apple NDA could have on the project. > > (I don't pretend to know the answer myself.) I think the answer is near "use the securit

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-09 Thread Greg Norcie
I guess it comes down to risk calculus: Which has a worse outcome: training users to ignore security warnings from OSX, or the chilling effects an Apple NDA could have on the project. (I don't pretend to know the answer myself.) -- Greg Norcie (g...@norcie.com) GPG key: 0x1B873635 On 11/9/12 6:2

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-09 Thread Jacob Appelbaum
Roger Dingledine: > On Fri, Nov 09, 2012 at 06:05:58PM -0500, Matthew Fisch wrote: >> TorProject should be registered as an Apple software developer, and the >> binary should be signed, both to increase credibility of the torproject >> and the safety of users. > > I agree with you about the 'safet

Re: [tor-talk] Unsigned Mac OS X binary for TorBrowser

2012-11-09 Thread Roger Dingledine
On Fri, Nov 09, 2012 at 06:05:58PM -0500, Matthew Fisch wrote: > TorProject should be registered as an Apple software developer, and the > binary should be signed, both to increase credibility of the torproject > and the safety of users. I agree with you about the 'safety of users' side. But I'm not