Please add a release MAR signing key to the database of known keys

RESOLVED FIXED

Status

()

RESOLVED FIXED
7 years ago
7 years ago

People

(Reporter: rail, Assigned: bbondy)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(2 attachments, 2 obsolete attachments)

(Reporter)

Description

7 years ago
Created attachment 591197 [details]
release MAR signing public key

Attached is the public MAR signing key for release builds (betas and final ones). See bug 718804 for the details.
(Assignee)

Comment 1

7 years ago
Is this bug relating to the work on my end? I.e. to make sure updater.exe knows about this key?
(Reporter)

Comment 2

7 years ago
(In reply to Brian R. Bondy [:bbondy] from comment #1)
> Is this bug relating to the work on my end? I.e. to make sure updater.exe
> knows about this key?

yup, I was following https://bugzilla.mozilla.org/show_bug.cgi?id=701087#c1

BTW, it seems like the cert is valid only for 3 months. Let me know if I should regenerate it with different command line parameters.
(Assignee)

Comment 3

7 years ago
I think it would be best to generate in the past that way nothing will change after 3 months. We do not use the expiry aspect of the cert.  CCing bsmith and catlee in case they disagree with what I proposed.
(Reporter)

Comment 4

7 years ago
Created attachment 591258 [details]
release MAR signing public key

(In reply to Brian R. Bondy [:bbondy] from comment #3)
> I think it would be best to generate in the past that way nothing will
> change after 3 months. We do not use the expiry aspect of the cert.  CCing
> bsmith and catlee in case they disagree with what I proposed.

Great idea. Attached is a public key generated 2011-09-24 (4 months ago).
Attachment #591197 - Attachment is obsolete: true
(Reporter)

Comment 5

7 years ago
Comment on attachment 591258 [details]
release MAR signing public key

Typo in the subject, will regenerate. sorry for the nose.
Attachment #591258 - Attachment is obsolete: true
(Reporter)

Comment 6

7 years ago
Created attachment 591280 [details]
release MAR signing public key

The correct one. I hope :)
(Assignee)

Updated

7 years ago
Assignee: nobody → netzen
(Assignee)

Comment 7

7 years ago
Thanks for the cert Rail, we need a secondary cert as well though.  The secondary cert won't be used initially, but it should be kept in a safe place in case we ever need to use it.  Please attach another for that.
(Assignee)

Comment 8

7 years ago
I included the first cert in Bug 704285, I still the second one though.
(Reporter)

Comment 9

7 years ago
Created attachment 592178 [details]
second release public certificate
(Assignee)

Comment 10

7 years ago
I included these certs inside the patch in bug 704285. I'm going to mark this as resolved.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.