Nothing in https://tails.boum.org/contribute/design/verification_extension/ actually prevents us from including the code to verify Tails ISO images directly on our website. The extension does not seem to provide any particular benefit (since it’s been rewritten at least) over using the forge library and the verification code directly in the browser. As we use native Web APIs from the browser, we have access to the File objects and could even create a drag & drop area for the files to check.
The extension does not protect from MITM (then everything would be
MITM’ed) and it does not protect from phishing (somebody who creates a
webpage called tails.boum.org using weird unicode can always have a lets
encrypt certificate for their domain and
pretend that everything is working well).
I’ve re-read the abovementioned design document and I cannot see any benefit in maintaining an extension currently.
- Have a security discussion
Adapt the interactions on the page
- The user downloads the file
- The user clicks on “Verify Tails 3.13…”
- Implement the verification logic on the page
- Check the compatibilty with more browser (Safari? Edge?)
- Review and modify carefully our Cross-origin policies, so that Threat H is mitigated
- Check if caching of JS files on the server poses a problem (#16091)
- Deprecate the extension and make people aware that it’s unsupported and it does not fire on the page
- Update the design documentation
- Rescue from verification-extension.git the bits of internal documentation that we still need