mozilla :: #security

20 Apr 2017
08:00hrosikhi, is there3 a more authoritative public source for MFSAs than ?
08:00hrosikbecause it doesn't seem to be carrying the latest round yet
08:01freddybhrosik: I think they do
08:02freddybthe latest commit is 15hrs ago, which added security advisories for our latest releases
08:04hrosikfreddyb: you're right, of course. pebkac - I didn't parse `git fetch` output properly. :)
08:07freddybnp :)
08:57annevkFYI should not be security-sensitive
08:57firebotBug 1356995 is not accessible
08:59freddybI completely agree.
16:28tsmithLooks a bit broken on mobile
16:53Alex_Gaynortjr: do you know what stem is (in the context of tor)?
18:03tjrAlex_Gaynor: stem is a python library for interacting with the tor daemon via the control port and for parsing and doing analysis on tor documents (consensus, votes, descriptors)
18:04Alex_Gaynortjr: interesting; (someone file a bug on a python crypto library I work on asking for ed25519 for it)
18:05tjrYea, tor has ed25519 keys now, so having stem be able to fiddle with those keys would be important
18:05Alex_GaynorLooks like they use pynacl ATM (which I guess I also help maintain), but would prefer to use pyca/cryptography
22:42guigsDid you guys already catch the fake sites?
23:18jimmgood ol IDNA
21 Apr 2017
No messages
Last message: 6 days and 16 hours ago