Project

General

Profile

Feature #1935

Document and/or decide on the Replicant project signing and encryption key usage and policies

Added by Denis 'GNUtoo' Carikli 6 months ago. Updated 6 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Website and wiki content
Target version:
Start date:
05/13/2019
Due date:
% Done:

0%

Estimated time:
Resolution:
Device:

Related issues

Blocks Replicant - Issue #1960: Build release candidate image for 6.0 0004New10/09/2019

Actions

History

#1

Updated by Denis 'GNUtoo' Carikli 6 months ago

  • Subject changed from Document and/or decide on the Replicant project gpg key usage and policies to Document and/or decide on the Replicant project signing and encryption key usage and policies

Replicant mainly uses gpg for signing the releases.

The gpg key is also setup for the contact address, but it's use is highly discouraged as not everyone has access to that key.

Some people already used that gpg (public) key to send encrypted logs with potentially privacy sensitive information in bugreports, but as not everyone has access to that key currently only developers not participating anymore in Replicant can read such logs.

See the following for some examples of gpg usage:
https://tails.boum.org/doc/about/openpgp_keys/index.en.html

Building Replicant also generates some TLS signing keys to sign the images:
  • Keys are used by the recovery to verify the installation zip.
  • Keys are also used to sign apk within the Replicant image.
  • Keys might also be used for generating OTA upgrades, but that is currently unused by Replicant.
#2

Updated by Denis 'GNUtoo' Carikli 6 months ago

  • Category set to Website and wiki content
#3

Updated by Kurtis Hanna about 1 month ago

  • Blocked by Issue #1960: Build release candidate image for 6.0 0004 added
#4

Updated by Kurtis Hanna about 1 month ago

  • Blocked by deleted (Issue #1960: Build release candidate image for 6.0 0004)
#5

Updated by Kurtis Hanna about 1 month ago

  • Blocks Issue #1960: Build release candidate image for 6.0 0004 added

Also available in: Atom PDF