Georg Koppen:
> Hmm... What happens in cases like the following:
>
> 4 authorities include a PACKAGENAME/VERSION pair with URL1 and DIGEST1
> and 4 other authorities include the same PACKAGENAME/VERSION pair with
> URL2 and DIGEST2 and, say, 1 authority includes no such
> PACKAGENAME/VERSION pair
Hi,
Nick Mathewson:
> Here's a new proposal for a thing that Mike wants for TBB. Please review!
[snip]
> 2. Proposal
>
>We introduce a new line for inclusion in votes and consensuses.
>Its format is:
>
> "package" SP PACKAGENAME SP VERSION SP URL SP DIGESTS NL
>
> PACKAGEN
Hi Nick,
This sounds related to an old idea I presented at PETS 2006:
http://www.lightbluetouchpaper.org/2006/07/13/protecting-software-distribution-with-a-cryptographic-build-process/
However there's an important difference. The proposal below is how the
directory authorities advertise "good"
Here's a new proposal for a thing that Mike wants for TBB. Please review!
Filename: 227-vote-on-package-fingerprints.txt
Title: Include package fingerprints in consensus documents
Author: Nick Mathewson, Mike Perry
Created: 2014-02-14
Status: Open
0. Abstract
We propose extending the Tor co
