Hi,
after spending a lot of time and energy in getting all the bits correctly assembled we now think we have a properly[1] signed OS X bundle that should pass the Gatekeeper test:
https://people.torproject.org/~gk/testbuilds/torbrowser-signing-test.dmg https://people.torproject.org/~gk/testbuilds/torbrowser-signing-test.dmg.asc
If you happen to own an OS X with Gatekeeper enabled, please give it a try and report back if things are working fine or a broken.
Thanks,
Georg
[1] There is one caveat: the bundle is not timestamped at the moment. But that should not impact the validity of the signature until the certificate is expired.
Hi,
I tried all options and these were the results (screenshots also attached):
Testing: torbrowser-signing-test.dmg Platform: Mac OS X 10.11.4 (15E65)
——————————————————————————————————————————
Allow apps download from: Mac App Store
“TorBrowser.app” can’t be opened because it was not downloaded from the Mac App Store.
Your security preferences allow installation of only apps from the Mac App Store.
“TorBrowser.app” is on the disk image “torbrowser-signing-test.dmg”. Firefox.app downloaded this disk image today at 09:45.
[ok]
——————————————————————————————————————————
Allow apps download from: Mac App Store and identified developers
“TorBrowser.app” is an application downloaded from the Internet. Are you sure you want to open it?
“TorBrowser.app” is on the disk image “torbrowser-signing-test.dmg”. Firefox.app downloaded this disk image today at 09:45.
[checkbox] Don’t warn me when opening applications on this disk image
[cancel] [show disk image] [open]
——————————————————————————————————————————
Allow apps download from: Anywhere
“TorBrowser.app” is an application downloaded from the Internet. Are you sure you want to open it?
“TorBrowser.app” is on the disk image “torbrowser-signing-test.dmg”. Firefox.app downloaded this disk image today at 09:45.
[checkbox] Don’t warn me when opening applications on this disk image
[cancel] [show disk image] [open]
——————————————————————————————————————————
Best, Wilton
Georg Koppen:
Hi,
after spending a lot of time and energy in getting all the bits correctly assembled we now think we have a properly[1] signed OS X bundle that should pass the Gatekeeper test:
https://people.torproject.org/~gk/testbuilds/torbrowser-signing-test.dmg https://people.torproject.org/~gk/testbuilds/torbrowser-signing-test.dmg.asc
If you happen to own an OS X with Gatekeeper enabled, please give it a try and report back if things are working fine or a broken.
Thanks,
Georg
[1] There is one caveat: the bundle is not timestamped at the moment. But that should not impact the validity of the signature until the certificate is expired.
tor-qa mailing list tor-qa@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-qa
-
Georg Koppen -
Wilton Gorske