Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
T
tails
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 960
    • Issues 960
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 11
    • Merge Requests 11
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Analytics
    • Analytics
    • CI/CD
    • Repository
    • Value Stream
  • Members
    • Members
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • tails
  • tails
  • Issues
  • #16128

Closed
Open
Created Nov 15, 2018 by Anonymous@Anonymous29 of 29 tasks completed29/29 tasks

Move the verification JavaScript from the verification extension to the page itself

Nothing in https://tails.boum.org/contribute/design/verification_extension/ actually prevents us from including the code to verify Tails ISO images directly on our website. The extension does not seem to provide any particular benefit (since it’s been rewritten at least) over using the forge library and the verification code directly in the browser. As we use native Web APIs from the browser, we have access to the File objects and could even create a drag & drop area for the files to check.

The extension does not protect from MITM (then everything would be MITM’ed) and it does not protect from phishing (somebody who creates a webpage called tails.boum.org using weird unicode can always have a lets encrypt certificate for their domain and
pretend that everything is working well).

I’ve re-read the abovementioned design document and I cannot see any benefit in maintaining an extension currently.

Before the release

  • Have a security discussion
  • Adapt the interactions on the page
    1. The user downloads the file
    2. The user clicks on “Verify Tails 3.13…”
  • Implement the verification logic on the page
  • Check the compatibilty with more browser (Safari? Edge?)
  • Allow cross-origin requests on https://tails.boum.org/install/v2/Tails/amd64/stable/latest.json (sysadmin#17771 (closed))
  • Check if caching of JS files on the server poses a problem (#16091)
  • Deprecate the extension and make people aware that it’s unsupported and it does not fire on the page
    • Write /news/verification_extension_deprecation
  • Update the design documentation
    • Update /contribute/design/verification_extension (4967e834)
    • Update /contribute/working_together/roles/verification_extension (5cb101e1)
      • Test backward compatibility in release process (f481bdc4)
    • Update /doc/about/license (3ed73834)
  • Rescue from verification-extension.git the bits of internal documentation that we still need (896f33a9)
  • Test with Edge and Safari
  • Get a security review
    • Review and modify carefully our Cross-origin policies, so that Threat H is mitigated
    • Input validation in verifyFile (!183 (9093b48a))
    • Forge attack surface (!183 (ec95a37b))
  • Get a technical writing review
  • Build a minified version of Forge SHA-256

On the day of the release

  • Update date on /news/verification_extension_deprecation
  • Test having a different URL on retry
  • Tweet

Some time after the release

  • Always display file name in verification results
  • Remove the extension from app stores
  • Delete the Git repo and C:Verification Extension tag (sysadmin#17787 (closed))
  • Analysis the impact on the number of verified downloads
  • Only count verified downloads
    • I kept the counter for now but we should remove it after evaluating the impact on verified downloads
Edited Feb 26, 2021 by sajolida
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Tails_4.17
Milestone
Tails_4.17 (Past due)
Assign milestone
Time tracking
None
Due date
None