[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [translation/support-portal] new translations in support-portal
commit 122a3ad70ce2101381d76456b427617261ccc8f0
Author: Translation commit bot <translation@xxxxxxxxxxxxxx>
Date: Thu Feb 17 10:49:34 2022 +0000
new translations in support-portal
---
contents+ach.po | 150 ++++++++++++++++++++++++----------
contents+af.po | 150 ++++++++++++++++++++++++----------
contents+am.po | 150 ++++++++++++++++++++++++----------
contents+ar.po | 165 ++++++++++++++++++++++++-------------
contents+ast.po | 150 ++++++++++++++++++++++++----------
contents+az.po | 150 ++++++++++++++++++++++++----------
contents+ba.po | 150 ++++++++++++++++++++++++----------
contents+be.po | 150 ++++++++++++++++++++++++----------
contents+bg.po | 165 ++++++++++++++++++++++++-------------
contents+bn.po | 165 ++++++++++++++++++++++++-------------
contents+bo.po | 165 ++++++++++++++++++++++++-------------
contents+br.po | 150 ++++++++++++++++++++++++----------
contents+bs.po | 150 ++++++++++++++++++++++++----------
contents+ca.po | 169 +++++++++++++++++++++++++-------------
contents+ceb.po | 150 ++++++++++++++++++++++++----------
contents+cs.po | 150 ++++++++++++++++++++++++----------
contents+cy.po | 150 ++++++++++++++++++++++++----------
contents+da.po | 165 ++++++++++++++++++++++++-------------
contents+de.po | 194 +++++++++++++++++++++++++-------------------
contents+dz.po | 150 ++++++++++++++++++++++++----------
contents+el.po | 173 +++++++++++++++++++++++++--------------
contents+en_GB.po | 150 ++++++++++++++++++++++++----------
contents+eo.po | 150 ++++++++++++++++++++++++----------
contents+es.po | 193 ++++++++++++++++++++++++++------------------
contents+et.po | 150 ++++++++++++++++++++++++----------
contents+eu.po | 150 ++++++++++++++++++++++++----------
contents+fa.po | 150 ++++++++++++++++++++++++----------
contents+fa_AF.po | 150 ++++++++++++++++++++++++----------
contents+fi.po | 150 ++++++++++++++++++++++++----------
contents+fil.po | 150 ++++++++++++++++++++++++----------
contents+fo.po | 150 ++++++++++++++++++++++++----------
contents+fr.po | 169 +++++++++++++++++++++++++-------------
contents+ga.po | 165 ++++++++++++++++++++++++-------------
contents+gd.po | 150 ++++++++++++++++++++++++----------
contents+gl.po | 150 ++++++++++++++++++++++++----------
contents+gu.po | 150 ++++++++++++++++++++++++----------
contents+he.po | 156 ++++++++++++++++++++++++-----------
contents+hi.po | 165 ++++++++++++++++++++++++-------------
contents+hr.po | 150 ++++++++++++++++++++++++----------
contents+hu.po | 169 +++++++++++++++++++++++++-------------
contents+hy.po | 150 ++++++++++++++++++++++++----------
contents+id.po | 165 ++++++++++++++++++++++++-------------
contents+ig.po | 150 ++++++++++++++++++++++++----------
contents+is.po | 165 ++++++++++++++++++++++++-------------
contents+it.po | 165 ++++++++++++++++++++++++-------------
contents+ja.po | 164 +++++++++++++++++++++++++------------
contents+jv.po | 150 ++++++++++++++++++++++++----------
contents+ka.po | 169 +++++++++++++++++++++++++-------------
contents+kk.po | 154 ++++++++++++++++++++++++-----------
contents+km.po | 154 ++++++++++++++++++++++++-----------
contents+kn.po | 150 ++++++++++++++++++++++++----------
contents+ko.po | 165 ++++++++++++++++++++++++-------------
contents+ku_IQ.po | 150 ++++++++++++++++++++++++----------
contents+ky.po | 150 ++++++++++++++++++++++++----------
contents+la.po | 150 ++++++++++++++++++++++++----------
contents+lb.po | 150 ++++++++++++++++++++++++----------
contents+lo.po | 150 ++++++++++++++++++++++++----------
contents+lt.po | 150 ++++++++++++++++++++++++----------
contents+lv.po | 150 ++++++++++++++++++++++++----------
contents+mk.po | 156 ++++++++++++++++++++++++-----------
contents+ml.po | 150 ++++++++++++++++++++++++----------
contents+mn.po | 150 ++++++++++++++++++++++++----------
contents+mr.po | 156 ++++++++++++++++++++++++-----------
contents+ms.po | 165 ++++++++++++++++++++++++-------------
contents+mt.po | 150 ++++++++++++++++++++++++----------
contents+my.po | 165 ++++++++++++++++++++++++-------------
contents+nb.po | 150 ++++++++++++++++++++++++----------
contents+nds.po | 150 ++++++++++++++++++++++++----------
contents+ne.po | 150 ++++++++++++++++++++++++----------
contents+nl.po | 150 ++++++++++++++++++++++++----------
contents+nn.po | 150 ++++++++++++++++++++++++----------
contents+or.po | 150 ++++++++++++++++++++++++----------
contents+pa.po | 150 ++++++++++++++++++++++++----------
contents+pl.po | 150 ++++++++++++++++++++++++----------
contents+pms.po | 150 ++++++++++++++++++++++++----------
contents+ps.po | 150 ++++++++++++++++++++++++----------
contents+pt-BR.po | 169 +++++++++++++++++++++++++-------------
contents+pt-PT.po | 150 ++++++++++++++++++++++++----------
contents+ro.po | 169 +++++++++++++++++++++++++-------------
contents+ru.po | 176 +++++++++++++++++++++++++---------------
contents+sco.po | 150 ++++++++++++++++++++++++----------
contents+si.po | 150 ++++++++++++++++++++++++----------
contents+sk.po | 150 ++++++++++++++++++++++++----------
contents+sl.po | 150 ++++++++++++++++++++++++----------
contents+sn.po | 150 ++++++++++++++++++++++++----------
contents+so.po | 150 ++++++++++++++++++++++++----------
contents+sq.po | 150 ++++++++++++++++++++++++----------
contents+sr.po | 150 ++++++++++++++++++++++++----------
contents+sv.po | 165 ++++++++++++++++++++++++-------------
contents+sw.po | 165 ++++++++++++++++++++++++-------------
contents+szl.po | 150 ++++++++++++++++++++++++----------
contents+ta.po | 150 ++++++++++++++++++++++++----------
contents+te.po | 150 ++++++++++++++++++++++++----------
contents+tg.po | 150 ++++++++++++++++++++++++----------
contents+th.po | 165 ++++++++++++++++++++++++-------------
contents+tk.po | 150 ++++++++++++++++++++++++----------
contents+tl_PH.po | 150 ++++++++++++++++++++++++----------
contents+tr.po | 193 ++++++++++++++++++++++++++------------------
contents+ug@xxxxxxx | 150 ++++++++++++++++++++++++----------
contents+uk.po | 150 ++++++++++++++++++++++++----------
contents+ur.po | 150 ++++++++++++++++++++++++----------
contents+uz.po | 150 ++++++++++++++++++++++++----------
contents+vi.po | 150 ++++++++++++++++++++++++----------
contents+vls.po | 150 ++++++++++++++++++++++++----------
contents+yo.po | 150 ++++++++++++++++++++++++----------
contents+zh-CN.po | 175 ++++++++++++++++++++++++++--------------
contents+zh-TW.po | 184 ++++++++++++++++++++++++++----------------
contents.pot | 228 +++++++++++++++++++++++++++++++++++-----------------
108 files changed, 11713 insertions(+), 5197 deletions(-)
diff --git a/contents+ach.po b/contents+ach.po
index ad576dd76d..8afa90604a 100644
--- a/contents+ach.po
+++ b/contents+ach.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Acoli (https://www.transifex.com/otf/teams/1519/ach/)\n"
@@ -4043,8 +4043,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4225,8 +4223,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4326,8 +4322,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4383,8 +4377,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4417,15 +4409,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7226,7 +7214,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13935,27 +13923,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13973,19 +13979,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14007,7 +14053,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14037,22 +14083,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14068,37 +14135,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+af.po b/contents+af.po
index 56a9894908..374270242b 100644
--- a/contents+af.po
+++ b/contents+af.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Afrikaans (https://www.transifex.com/otf/teams/1519/af/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+am.po b/contents+am.po
index babbdf6536..de1ba51e30 100644
--- a/contents+am.po
+++ b/contents+am.po
@@ -10,7 +10,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Amharic (https://www.transifex.com/otf/teams/1519/am/)\n"
@@ -4047,8 +4047,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4229,8 +4227,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4330,8 +4326,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4387,8 +4381,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4421,15 +4413,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7230,7 +7218,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13939,27 +13927,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13977,19 +13983,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14011,7 +14057,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14041,22 +14087,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14072,37 +14139,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+ar.po b/contents+ar.po
index bf65e377eb..cc5963564b 100644
--- a/contents+ar.po
+++ b/contents+ar.po
@@ -22,7 +22,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Arabic (https://www.transifex.com/otf/teams/1519/ar/)\n"
@@ -4846,8 +4846,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -5054,8 +5052,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "Ù?ذا سÙ?ظÙ?ر Ù?Ù? Ø´Ù?ئا Ù?Ø«Ù?:"
@@ -5168,8 +5164,6 @@ msgstr "### اÙ?تØÙ?Ù? Ù?Ù? اÙ?تÙ?Ù?Ù?ع"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -5238,8 +5232,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "Ù?تÙ?جة اÙ?Ø£Ù?ر Ù?جب Ø£Ù? تÙ?تج Ø´Ù?ئا Ù?Ø«Ù? Ù?ذا:"
@@ -5277,15 +5269,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### اÙ?ØÙ? اÙ?بدÙ?Ù? (باستخداÙ? Ù?Ù?ØªØ§Ø Ø¹Ø§Ù?)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -8711,11 +8699,9 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
-"إذا Ù?اÙ? Ø£Øد Ù?Ø°Ù? اÙ?Ø®Ù?ارات أدÙ?اÙ? Ù?ا Ù?عÙ?Ù?Ø? Ù?تØÙ?Ù? Ù?Ù? [سجÙ?ات Tor](../../ connect "
-"/ connect-2 /) Ù?جرب Ø®Ù?ارÙ?ا آخر."
#: https//support.torproject.org/censorship/gettor-1/
#: (content/censorship/gettor-1/contents+en.lrquestion.title)
@@ -16536,27 +16522,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -16574,21 +16578,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16611,8 +16654,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>â?ª"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16643,29 +16686,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16681,42 +16739,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+ast.po b/contents+ast.po
index 1a2bef1cb8..d4532499e8 100644
--- a/contents+ast.po
+++ b/contents+ast.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Asturian (https://www.transifex.com/otf/teams/1519/ast/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+az.po b/contents+az.po
index 286c661743..ee249aa74f 100644
--- a/contents+az.po
+++ b/contents+az.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Azerbaijani (https://www.transifex.com/otf/teams/1519/az/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+ba.po b/contents+ba.po
index 29876402dd..fa92374164 100644
--- a/contents+ba.po
+++ b/contents+ba.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Bashkir (https://www.transifex.com/otf/teams/1519/ba/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+be.po b/contents+be.po
index fb10f0bd14..9da23223c0 100644
--- a/contents+be.po
+++ b/contents+be.po
@@ -14,7 +14,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Belarusian (https://www.transifex.com/otf/teams/1519/be/)\n"
@@ -4051,8 +4051,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4233,8 +4231,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4334,8 +4330,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4391,8 +4385,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4425,15 +4417,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7234,7 +7222,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13943,27 +13931,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13981,19 +13987,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14015,7 +14061,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14045,22 +14091,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14076,37 +14143,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+bg.po b/contents+bg.po
index 5a590872b0..275e7dc3b4 100644
--- a/contents+bg.po
+++ b/contents+bg.po
@@ -10,7 +10,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Bulgarian (https://www.transifex.com/otf/teams/1519/bg/)\n"
@@ -4061,8 +4061,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4243,8 +4241,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4350,8 +4346,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4413,8 +4407,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4449,15 +4441,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7267,7 +7255,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14007,27 +13995,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14045,21 +14051,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14082,8 +14127,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14112,29 +14157,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14150,42 +14210,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+bn.po b/contents+bn.po
index 59c995aa80..d265439141 100644
--- a/contents+bn.po
+++ b/contents+bn.po
@@ -14,7 +14,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Bengali (https://www.transifex.com/otf/teams/1519/bn/)\n"
@@ -4157,8 +4157,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4342,8 +4340,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4449,8 +4445,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4512,8 +4506,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4548,15 +4540,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7647,7 +7635,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14506,27 +14494,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14544,21 +14550,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14581,8 +14626,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14611,29 +14656,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14649,42 +14709,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+bo.po b/contents+bo.po
index 9efb319c63..7ce938b213 100644
--- a/contents+bo.po
+++ b/contents+bo.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Tibetan (https://www.transifex.com/otf/teams/1519/bo/)\n"
@@ -4046,8 +4046,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4228,8 +4226,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4335,8 +4331,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4398,8 +4392,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4434,15 +4426,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7252,7 +7240,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13989,27 +13977,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14027,21 +14033,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14064,8 +14109,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14094,29 +14139,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14132,42 +14192,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+br.po b/contents+br.po
index bf884fe250..7bc58584eb 100644
--- a/contents+br.po
+++ b/contents+br.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Breton (https://www.transifex.com/otf/teams/1519/br/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+bs.po b/contents+bs.po
index 38439419bb..94e40d7ab5 100644
--- a/contents+bs.po
+++ b/contents+bs.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Bosnian (https://www.transifex.com/otf/teams/1519/bs/)\n"
@@ -4056,8 +4056,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4238,8 +4236,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4339,8 +4335,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4396,8 +4390,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4430,15 +4422,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7239,7 +7227,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13948,27 +13936,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13986,19 +13992,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14020,7 +14066,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14050,22 +14096,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14081,37 +14148,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+ca.po b/contents+ca.po
index 41828cc2e0..421794b142 100644
--- a/contents+ca.po
+++ b/contents+ca.po
@@ -14,9 +14,9 @@
#
msgid ""
msgstr ""
-"Project-Id-Version: Tor Project Support website\n"
-"Report-Msgid-Bugs-To: tor-l10n@xxxxxxxxxxxxxxxxxxxx\n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: El Virus <eloimc4@xxxxxxxxx>, 2022\n"
"Language-Team: Catalan (https://www.transifex.com/otf/teams/1519/ca/)\n"
@@ -4164,8 +4164,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4349,8 +4347,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4456,8 +4452,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4519,8 +4513,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4555,15 +4547,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7705,7 +7693,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14568,27 +14556,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14606,21 +14612,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14643,8 +14688,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14673,29 +14718,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14711,42 +14771,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+ceb.po b/contents+ceb.po
index 87f5a98986..c747b45538 100644
--- a/contents+ceb.po
+++ b/contents+ceb.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Cebuano (https://www.transifex.com/otf/teams/1519/ceb/)\n"
@@ -4043,8 +4043,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4225,8 +4223,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4326,8 +4322,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4383,8 +4377,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4417,15 +4409,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7226,7 +7214,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13935,27 +13923,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13973,19 +13979,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14007,7 +14053,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14037,22 +14083,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14068,37 +14135,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+cs.po b/contents+cs.po
index 05b3dab2e9..09bc747ec1 100644
--- a/contents+cs.po
+++ b/contents+cs.po
@@ -19,7 +19,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Czech (https://www.transifex.com/otf/teams/1519/cs/)\n"
@@ -4084,8 +4084,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4269,8 +4267,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4370,8 +4366,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4427,8 +4421,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4463,15 +4455,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7346,7 +7334,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14055,27 +14043,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14093,19 +14099,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14127,7 +14173,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14157,22 +14203,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14188,37 +14255,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+cy.po b/contents+cy.po
index 390093b675..6751e90684 100644
--- a/contents+cy.po
+++ b/contents+cy.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Welsh (https://www.transifex.com/otf/teams/1519/cy/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+da.po b/contents+da.po
index b1e1b4c1ac..df6410207a 100644
--- a/contents+da.po
+++ b/contents+da.po
@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Danish (https://www.transifex.com/otf/teams/1519/da/)\n"
@@ -4058,8 +4058,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4240,8 +4238,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4347,8 +4343,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4410,8 +4404,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4446,15 +4438,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7268,7 +7256,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14005,27 +13993,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14043,21 +14049,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14080,8 +14125,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14110,29 +14155,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14148,42 +14208,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+de.po b/contents+de.po
index 8ca9fd1673..1e7c61b909 100644
--- a/contents+de.po
+++ b/contents+de.po
@@ -18,16 +18,16 @@
# Philipp . <Kuschat@xxxxxx>, 2021
# erinm, 2021
# Ettore Atalan <atalanttore@xxxxxxxxxxxxxx>, 2021
-# Curtis Baltimore <curtisbaltimore@xxxxxxxxxxxxxx>, 2022
# Emma Peel, 2022
+# Curtis Baltimore <curtisbaltimore@xxxxxxxxxxxxxx>, 2022
#
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
-"Last-Translator: Emma Peel, 2022\n"
+"Last-Translator: Curtis Baltimore <curtisbaltimore@xxxxxxxxxxxxxx>, 2022\n"
"Language-Team: German (https://www.transifex.com/otf/teams/1519/de/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -5102,8 +5102,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -5319,8 +5317,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "Dies sollte ungefähr wie folgt aussehen:"
@@ -5438,8 +5434,6 @@ msgstr "### �berprüft die Signatur"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -5512,8 +5506,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "Der Befehl sollte in etwa Folgendes ausgeben:"
@@ -5552,15 +5544,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### Umgehung (einen öffentlichen Schlüssel benutzen)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -9186,11 +9174,9 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
-"Wenn eine der folgenden Optionen nicht funktioniert, überprüfe deine [Tor-"
-"Logs](../../connecting/connecting-2/) und versuche eine andere Option."
#: https//support.torproject.org/censorship/gettor-1/
#: (content/censorship/gettor-1/contents+en.lrquestion.title)
@@ -17590,37 +17576,46 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
msgstr ""
-"Jede Datei auf unserer [Download-"
-"Seite](https://www.torproject.org/download/tor) wird von einer Datei mit der"
-" Bezeichnung \"sig\" begleitet, die den gleichen Namen wie das Paket und die"
-" Erweiterung \".asc\" trägt."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
-msgstr "Diese .asc-Dateien sind OpenPGP-Signaturen."
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
-"Dies ist je nach Webbrowser unterschiedlich, aber im Allgemeinen kannst du "
-"diese Datei herunterladen, indem du mit der rechten Maustaste auf den Link "
-"\"sig\" klickst und die Option \"Datei speichern unter\" wählst."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
-"Zum Beispiel wird `tor-0.4.6.7.tar.gz` von `tor-0.4.6.7.tar.gz.asc` "
-"begleitet."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17639,23 +17634,60 @@ msgstr "Wie du das machst, hängt von deiner Distribution ab."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
msgstr ""
-"Roger Dingledine (0xEB5A896A28988BF5 und 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) signieren Tor-Quelltext-Tar-Pakete."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
-msgstr "Abruf des aktuellsten Schlüssels von Nick Mathewson:"
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17678,8 +17710,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17713,29 +17745,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17751,50 +17798,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
-"Der Schlüssel von Nick Mathewson ist auch auf "
-"[keys.openpgp.org](https://keys.openpgp.org/) verfügbar und kann von "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB) heruntergeladen "
-"werden."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"Wenn du macOS oder GNU/Linux verwendest, kannst du den Schlüssel auch mit "
-"dem folgenden Befehl abrufen:"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+dz.po b/contents+dz.po
index bf4d7fb143..37767a6d04 100644
--- a/contents+dz.po
+++ b/contents+dz.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Dzongkha (https://www.transifex.com/otf/teams/1519/dz/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+el.po b/contents+el.po
index fde973fda5..5440f03e59 100644
--- a/contents+el.po
+++ b/contents+el.po
@@ -12,16 +12,16 @@
# erinm, 2021
# LaScapigliata <ditri2000@xxxxxxxxxxx>, 2021
# Transifex Bot <>, 2022
-# Emma Peel, 2022
# george k <norhorn@xxxxxxxxx>, 2022
+# Emma Peel, 2022
#
msgid ""
msgstr ""
-"Project-Id-Version: Tor Project Support website\n"
-"Report-Msgid-Bugs-To: tor-l10n@xxxxxxxxxxxxxxxxxxxx\n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
-"Last-Translator: george k <norhorn@xxxxxxxxx>, 2022\n"
+"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Greek (https://www.transifex.com/otf/teams/1519/el/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -4157,8 +4157,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4342,8 +4340,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4449,8 +4445,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4512,8 +4506,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4548,15 +4540,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7651,7 +7639,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14517,27 +14505,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14555,21 +14561,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14592,8 +14637,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14624,29 +14669,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14662,42 +14722,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+en_GB.po b/contents+en_GB.po
index fcf7160cab..2ef238c516 100644
--- a/contents+en_GB.po
+++ b/contents+en_GB.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: English (United Kingdom) (https://www.transifex.com/otf/teams/1519/en_GB/)\n"
@@ -4060,8 +4060,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4242,8 +4240,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4343,8 +4339,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4400,8 +4394,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4434,15 +4426,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7259,7 +7247,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13968,27 +13956,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14006,19 +14012,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14040,7 +14086,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,22 +14116,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14101,37 +14168,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+eo.po b/contents+eo.po
index ece056ab0b..6912ece70a 100644
--- a/contents+eo.po
+++ b/contents+eo.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Esperanto (https://www.transifex.com/otf/teams/1519/eo/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+es.po b/contents+es.po
index 507913a5e9..47c8c85826 100644
--- a/contents+es.po
+++ b/contents+es.po
@@ -13,9 +13,9 @@
#
msgid ""
msgstr ""
-"Project-Id-Version: Tor Project Support website\n"
-"Report-Msgid-Bugs-To: tor-l10n@xxxxxxxxxxxxxxxxxxxx\n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Spanish (https://www.transifex.com/otf/teams/1519/es/)\n"
@@ -5068,8 +5068,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -5283,8 +5281,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "Esto deberÃa de mostrar algo parecido a:"
@@ -5401,8 +5397,6 @@ msgstr "### Comprobar la firma"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -5474,8 +5468,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "El resultado del comando deberÃa ser algo como:"
@@ -5514,15 +5506,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### Método alternativo (usando una clave pública)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -9137,11 +9125,9 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
-"Si una de estas opciones de abajo no está funcionando, comprueba tus "
-"[registros de Tor](../../connecting/connecting-2/) e intenta otra opción."
#: https//support.torproject.org/censorship/gettor-1/
#: (content/censorship/gettor-1/contents+en.lrquestion.title)
@@ -17523,37 +17509,46 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
msgstr ""
-"Cada archivo en nuestra [página de "
-"descarga](https://www.torproject.org/download/tor) está acompañado por un "
-"archivo etiquetado \"sig\" con el mismo nombre que el paquete y la extensión"
-" \".asc\"."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
-msgstr "Estos archivos .asc son firmas OpenPGP."
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
-"Esto variará con cada explorador web, pero generalmente puedes descargar "
-"este archivo haciendo clic con el botón derecho en el vÃnculo \"sig\", y "
-"seleccionando la opción \"guardar archivo como\"."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
-"Por ejemplo, `tor-0.4.6.7.tar.gz` está acompañado por "
-"`tor-0.4.6.7.tar.gz.asc`."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17572,23 +17567,60 @@ msgstr "Cómo hacer esto variará dependiendo de tu distribución."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
msgstr ""
-"Roger Dingledine (0xEB5A896A28988BF5 y 0xC218525819F78451), Nick Mathewson "
-"(0xFE43009C4607B1FB) fiman los tarballs del código fuente de Tor."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
-msgstr "Obtener la clave más reciente de Nick Mathewson:"
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17611,8 +17643,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17645,29 +17677,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17683,49 +17730,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
-"La clave de Nick Mathewson también está disponible en "
-"[keys.openpgp.org](https://keys.openpgp.org/) y puede ser descargada desde "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"Si estás usando macOS o GNU/Linux, la clave también puede ser obtenida "
-"ejecutando el siguiente comando:"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+et.po b/contents+et.po
index f58615021d..7c2f900bbc 100644
--- a/contents+et.po
+++ b/contents+et.po
@@ -14,7 +14,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Estonian (https://www.transifex.com/otf/teams/1519/et/)\n"
@@ -4094,8 +4094,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4276,8 +4274,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4377,8 +4373,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4434,8 +4428,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4468,15 +4460,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7277,7 +7265,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13986,27 +13974,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14024,19 +14030,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14058,7 +14104,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14088,22 +14134,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14119,37 +14186,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+eu.po b/contents+eu.po
index f6a96317cf..4f0bb68ee2 100644
--- a/contents+eu.po
+++ b/contents+eu.po
@@ -10,7 +10,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Basque (https://www.transifex.com/otf/teams/1519/eu/)\n"
@@ -4070,8 +4070,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4254,8 +4252,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4355,8 +4351,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4412,8 +4406,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4446,15 +4438,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7267,7 +7255,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13979,27 +13967,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14017,19 +14023,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14051,7 +14097,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14081,22 +14127,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14112,37 +14179,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+fa.po b/contents+fa.po
index c1dbc74e65..bf6e8913fb 100644
--- a/contents+fa.po
+++ b/contents+fa.po
@@ -23,7 +23,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Reza Ghasemi, 2022\n"
"Language-Team: Persian (https://www.transifex.com/otf/teams/1519/fa/)\n"
@@ -4622,8 +4622,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4833,8 +4831,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "اÛ?Ù? باÛ?د Ú?Û?زÛ? شبÛ?Ù? اÛ?Ù? را Ù?Ù?اÛ?Ø´ بدÙ?د:"
@@ -4945,8 +4941,6 @@ msgstr "### در ØاÙ? تاÛ?Û?د اÙ?ضا"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -5018,8 +5012,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "Ù?تÛ?جÙ? Ù?رÙ?اÙ? باÛ?د Ú?Û?زÛ? شبÛ?Ù? اÛ?Ù? را تÙ?Ù?Û?د Ú©Ù?د:"
@@ -5057,15 +5049,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### رÙ?Ø´ کار (استÙ?ادÙ? از Û?Ú© Ú©Ù?Û?د عÙ?Ù?Ù?Û?)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -8375,7 +8363,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -15990,27 +15978,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -16028,19 +16034,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -16062,7 +16108,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -16092,22 +16138,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -16123,37 +16190,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+fa_AF.po b/contents+fa_AF.po
index be2a670d73..10087f6394 100644
--- a/contents+fa_AF.po
+++ b/contents+fa_AF.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Persian (Afghanistan) (https://www.transifex.com/otf/teams/1519/fa_AF/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+fi.po b/contents+fi.po
index 1fce0b1d8d..5957186ba9 100644
--- a/contents+fi.po
+++ b/contents+fi.po
@@ -15,7 +15,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Finnish (https://www.transifex.com/otf/teams/1519/fi/)\n"
@@ -4057,8 +4057,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4239,8 +4237,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4340,8 +4336,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4397,8 +4391,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4431,15 +4423,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7249,7 +7237,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13958,27 +13946,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13996,19 +14002,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14030,7 +14076,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14060,22 +14106,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14091,37 +14158,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+fil.po b/contents+fil.po
index 70ae47b9b6..86daf7e5b5 100644
--- a/contents+fil.po
+++ b/contents+fil.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Filipino (https://www.transifex.com/otf/teams/1519/fil/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+fo.po b/contents+fo.po
index 5f8f5a63ce..0336413232 100644
--- a/contents+fo.po
+++ b/contents+fo.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Faroese (https://www.transifex.com/otf/teams/1519/fo/)\n"
@@ -4049,8 +4049,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4231,8 +4229,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4332,8 +4328,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4389,8 +4383,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4423,15 +4415,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7277,7 +7265,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13990,27 +13978,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14028,19 +14034,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14062,7 +14108,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14092,22 +14138,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14123,37 +14190,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+fr.po b/contents+fr.po
index 1b3f9278f8..10f312d5c5 100644
--- a/contents+fr.po
+++ b/contents+fr.po
@@ -20,9 +20,9 @@
#
msgid ""
msgstr ""
-"Project-Id-Version: Tor Project Support website\n"
-"Report-Msgid-Bugs-To: tor-l10n@xxxxxxxxxxxxxxxxxxxx\n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: French (https://www.transifex.com/otf/teams/1519/fr/)\n"
@@ -4947,8 +4947,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -5165,8 +5163,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "Cela devrait vous afficher quelque chose telle que :"
@@ -5284,8 +5280,6 @@ msgstr "### Confirmer la signature"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -5359,8 +5353,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
"Le résultat de la commande devrait produire quelque chose comme ceci :"
@@ -5400,15 +5392,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### Solution de rechange (utilisation dâ??une clé publique)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -8813,7 +8801,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -15733,27 +15721,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -15771,21 +15777,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -15808,8 +15853,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -15840,29 +15885,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -15878,42 +15938,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+ga.po b/contents+ga.po
index 55853f3bcb..15112d7b33 100644
--- a/contents+ga.po
+++ b/contents+ga.po
@@ -10,7 +10,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Irish (https://www.transifex.com/otf/teams/1519/ga/)\n"
@@ -4065,8 +4065,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4248,8 +4246,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4355,8 +4351,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4418,8 +4412,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4454,15 +4446,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7532,7 +7520,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14379,27 +14367,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14417,21 +14423,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14454,8 +14499,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14484,29 +14529,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14522,42 +14582,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+gd.po b/contents+gd.po
index fa90d43f65..4ebd0a6161 100644
--- a/contents+gd.po
+++ b/contents+gd.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Gaelic, Scottish (https://www.transifex.com/otf/teams/1519/gd/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+gl.po b/contents+gl.po
index 2737e0d160..b22acbc950 100644
--- a/contents+gl.po
+++ b/contents+gl.po
@@ -12,7 +12,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Galician (https://www.transifex.com/otf/teams/1519/gl/)\n"
@@ -4049,8 +4049,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4231,8 +4229,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4332,8 +4328,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4389,8 +4383,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4423,15 +4415,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7232,7 +7220,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13941,27 +13929,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13979,19 +13985,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14013,7 +14059,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14043,22 +14089,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14074,37 +14141,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+gu.po b/contents+gu.po
index 69f7830e0b..6198880cfe 100644
--- a/contents+gu.po
+++ b/contents+gu.po
@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Gujarati (https://www.transifex.com/otf/teams/1519/gu/)\n"
@@ -4048,8 +4048,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4230,8 +4228,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4331,8 +4327,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4388,8 +4382,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4422,15 +4414,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7231,7 +7219,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13940,27 +13928,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13978,19 +13984,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14012,7 +14058,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14042,22 +14088,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14073,37 +14140,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+he.po b/contents+he.po
index 5cab90800f..1c1de1cf6d 100644
--- a/contents+he.po
+++ b/contents+he.po
@@ -13,7 +13,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Hebrew (https://www.transifex.com/otf/teams/1519/he/)\n"
@@ -4070,8 +4070,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4254,8 +4252,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4357,8 +4353,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4416,8 +4410,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4450,15 +4442,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7310,7 +7298,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14041,27 +14029,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14079,19 +14085,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14115,8 +14161,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr ""
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14147,27 +14193,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14183,37 +14246,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+hi.po b/contents+hi.po
index 12df91146d..d298219fe0 100644
--- a/contents+hi.po
+++ b/contents+hi.po
@@ -16,7 +16,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Hindi (https://www.transifex.com/otf/teams/1519/hi/)\n"
@@ -4053,8 +4053,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4236,8 +4234,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4343,8 +4339,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4406,8 +4400,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4442,15 +4434,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7264,7 +7252,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14001,27 +13989,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,21 +14045,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14076,8 +14121,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14106,29 +14151,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14144,42 +14204,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+hr.po b/contents+hr.po
index ad1d00456d..65a6165a7e 100644
--- a/contents+hr.po
+++ b/contents+hr.po
@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Milo Ivir <mail@xxxxxxxxxxx>, 2022\n"
"Language-Team: Croatian (https://www.transifex.com/otf/teams/1519/hr/)\n"
@@ -4455,8 +4455,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4637,8 +4635,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4738,8 +4734,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4795,8 +4789,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4829,15 +4821,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7687,7 +7675,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14411,27 +14399,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14449,19 +14455,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14483,7 +14529,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14513,22 +14559,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14544,37 +14611,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+hu.po b/contents+hu.po
index 8f90da56ea..75679cfc1d 100644
--- a/contents+hu.po
+++ b/contents+hu.po
@@ -7,16 +7,16 @@
# benewfy <benewfy@xxxxxxxxx>, 2021
# Transifex Bot <>, 2022
# vargaviktor <viktor.varga@xxxxxxxxx>, 2022
-# Emma Peel, 2022
# Zsolt Repasy <repasy_zsolt@xxxxxxxxx>, 2022
+# Emma Peel, 2022
#
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
-"Last-Translator: Zsolt Repasy <repasy_zsolt@xxxxxxxxx>, 2022\n"
+"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Hungarian (https://www.transifex.com/otf/teams/1519/hu/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -4219,8 +4219,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4404,8 +4402,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4511,8 +4507,6 @@ msgstr "### AláÃrás ellenÅ?rzése"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4574,8 +4568,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4610,15 +4602,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7557,7 +7545,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14394,27 +14382,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14432,21 +14438,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14469,8 +14514,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14499,29 +14544,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14537,42 +14597,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+hy.po b/contents+hy.po
index b1fceaeefb..cb323744f8 100644
--- a/contents+hy.po
+++ b/contents+hy.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Armenian (https://www.transifex.com/otf/teams/1519/hy/)\n"
@@ -4046,8 +4046,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4228,8 +4226,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4329,8 +4325,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4386,8 +4380,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4420,15 +4412,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7229,7 +7217,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13938,27 +13926,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13976,19 +13982,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14010,7 +14056,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14040,22 +14086,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14071,37 +14138,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+id.po b/contents+id.po
index ab83c8c504..b47e1c8681 100644
--- a/contents+id.po
+++ b/contents+id.po
@@ -22,7 +22,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Indonesian (https://www.transifex.com/otf/teams/1519/id/)\n"
@@ -5059,8 +5059,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -5277,8 +5275,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "Ini akan menunjukkan kepada Anda sesuatu seperti:"
@@ -5395,8 +5391,6 @@ msgstr "### Memverifikasi tanda tangan"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -5469,8 +5463,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "Hasil dari perintah harus menghasilkan sesuatu seperti ini:"
@@ -5509,15 +5501,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### Workaround (menggunakan kunci publik)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -9010,7 +8998,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -15999,27 +15987,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -16037,21 +16043,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16074,8 +16119,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16104,29 +16149,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16142,42 +16202,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+ig.po b/contents+ig.po
index b9c40bc3c7..97698d5443 100644
--- a/contents+ig.po
+++ b/contents+ig.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Igbo (https://www.transifex.com/otf/teams/1519/ig/)\n"
@@ -4043,8 +4043,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4225,8 +4223,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4326,8 +4322,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4383,8 +4377,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4417,15 +4409,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7226,7 +7214,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13935,27 +13923,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13973,19 +13979,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14007,7 +14053,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14037,22 +14083,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14068,37 +14135,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+is.po b/contents+is.po
index 3dd2583887..b2d9b80b56 100644
--- a/contents+is.po
+++ b/contents+is.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Icelandic (https://www.transifex.com/otf/teams/1519/is/)\n"
@@ -4419,8 +4419,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4616,8 +4614,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "�að ætti að sýna þér eitthvað á borð við þetta:"
@@ -4723,8 +4719,6 @@ msgstr "### Sannreyna undirritunina"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4788,8 +4782,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4824,15 +4816,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### Hjáleið (með þvà að nota dreifilykil)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7977,7 +7965,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14903,27 +14891,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14941,21 +14947,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14978,8 +15023,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -15008,29 +15053,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -15046,42 +15106,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+it.po b/contents+it.po
index 3135282ec8..67610a7b13 100644
--- a/contents+it.po
+++ b/contents+it.po
@@ -31,7 +31,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Italian (https://www.transifex.com/otf/teams/1519/it/)\n"
@@ -4711,8 +4711,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4922,8 +4920,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "Questo dovrebbe farti vedere qualcosa come:"
@@ -5038,8 +5034,6 @@ msgstr "### Verificare la firma"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -5109,8 +5103,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "Il risultato del comando dovrebbe dare qualcosa come:"
@@ -5148,15 +5140,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### Soluzione alternativa (utilizzando una chiave pubblica)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -8594,7 +8582,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -16190,27 +16178,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -16228,21 +16234,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16265,8 +16310,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16295,29 +16340,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16333,42 +16393,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+ja.po b/contents+ja.po
index 04dccff6cb..a26ece5d12 100644
--- a/contents+ja.po
+++ b/contents+ja.po
@@ -14,17 +14,17 @@
# hakka, 2021
# �山� � <oyamada.junjun@xxxxxxxxxx>, 2021
# Transifex Bot <>, 2022
-# Emma Peel, 2022
# h345u37g3 h345u37g3, 2022
# Ito Takeshi, 2022
+# Emma Peel, 2022
#
msgid ""
msgstr ""
-"Project-Id-Version: Tor Project Support website\n"
-"Report-Msgid-Bugs-To: tor-l10n@xxxxxxxxxxxxxxxxxxxx\n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
-"Last-Translator: Ito Takeshi, 2022\n"
+"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Japanese (https://www.transifex.com/otf/teams/1519/ja/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -4105,8 +4105,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4294,8 +4292,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "以ä¸?ã?®ã??ã??ã?«è¡¨ç¤ºã??ã??ã??ã?§ã??ã??ã??(è¨?èª?è¨å®?ã??è?±èª?ã?®å ´å??)ï¼?"
@@ -4401,8 +4397,6 @@ msgstr "### ã?·ã?°ã??ã??ã?£ã??æ¤?証ã??ã??"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4464,8 +4458,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "以ä¸?ã?®ã??ã??ã?«å?ºå??ã??ã??ã??ã?§ã??ã??ã??(è¨?èª?è¨å®?ã??è?±èª?ã?®å ´å??)ï¼?"
@@ -4500,15 +4492,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7403,7 +7391,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14145,27 +14133,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14183,19 +14189,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14219,8 +14265,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr ""
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14249,27 +14295,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14285,37 +14348,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+jv.po b/contents+jv.po
index c619f62774..53d2ebfee4 100644
--- a/contents+jv.po
+++ b/contents+jv.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Javanese (https://www.transifex.com/otf/teams/1519/jv/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+ka.po b/contents+ka.po
index 012e66bdbe..1c8f7b9a07 100644
--- a/contents+ka.po
+++ b/contents+ka.po
@@ -1,17 +1,17 @@
#
# Translators:
# erinm, 2021
-# Emma Peel, 2021
# Transifex Bot <>, 2022
# Georgianization, 2022
+# Emma Peel, 2022
#
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
-"Last-Translator: Georgianization, 2022\n"
+"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Georgian (https://www.transifex.com/otf/teams/1519/ka/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -4796,8 +4796,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -5007,8 +5005,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "á?¬á??á?¡á??á?? á?£á??á??á?? á??á??á??á??á?©á??á??á??á?¡ á??á?¡á??á??á??á?¡á?? á? á??á??:"
@@ -5123,8 +5119,6 @@ msgstr "### á?®á??á??á??á??á?¬á??á? á??á?¡ á??á??á??á??á?¬á??á??á??á?? (signatur
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -5196,8 +5190,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "á??á? á?«á??á??á??á??á??á?¡ á?¨á??á??á??á??á??á??, á?£á??á??á?? á??á??á??á?¬á??á? á??á?¡ á?¨á??á??á??á??á??á?? á? á??á??:"
@@ -5235,15 +5227,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### á??á? á??á??á??á??á??á?? á??á??á??á??á?¡á??á??á??á??á?? (á?¡á??á?¯á??á? á?? á??á??á?¡á??á?¦á??á??á??á??)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -8707,7 +8695,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -16759,27 +16747,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -16797,21 +16803,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16834,8 +16879,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16866,29 +16911,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16904,42 +16964,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+kk.po b/contents+kk.po
index c3294ddc7a..ce970cbae3 100644
--- a/contents+kk.po
+++ b/contents+kk.po
@@ -8,9 +8,9 @@
#
msgid ""
msgstr ""
-"Project-Id-Version: Tor Project Support website\n"
-"Report-Msgid-Bugs-To: tor-l10n@xxxxxxxxxxxxxxxxxxxx\n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Dimash Esen <esengeldi0202@xxxxxxxxx>, 2022\n"
"Language-Team: Kazakh (https://www.transifex.com/otf/teams/1519/kk/)\n"
@@ -4047,8 +4047,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4229,8 +4227,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4330,8 +4326,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4387,8 +4381,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4421,15 +4413,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7230,7 +7218,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13939,27 +13927,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13977,19 +13983,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14011,7 +14057,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14041,22 +14087,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14072,37 +14139,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+km.po b/contents+km.po
index 73066e4af0..a8dd1b3253 100644
--- a/contents+km.po
+++ b/contents+km.po
@@ -10,9 +10,9 @@
#
msgid ""
msgstr ""
-"Project-Id-Version: Tor Project Support website\n"
-"Report-Msgid-Bugs-To: tor-l10n@xxxxxxxxxxxxxxxxxxxx\n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: sophat CHY <sophatchy@xxxxxxxxx>, 2022\n"
"Language-Team: Khmer (https://www.transifex.com/otf/teams/1519/km/)\n"
@@ -4079,8 +4079,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4263,8 +4261,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4364,8 +4360,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4421,8 +4415,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4455,15 +4447,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7278,7 +7266,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13995,27 +13983,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14033,19 +14039,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14067,7 +14113,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14097,22 +14143,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14128,37 +14195,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+kn.po b/contents+kn.po
index 089006cb6b..537c327703 100644
--- a/contents+kn.po
+++ b/contents+kn.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Kannada (https://www.transifex.com/otf/teams/1519/kn/)\n"
@@ -4046,8 +4046,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4228,8 +4226,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4329,8 +4325,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4386,8 +4380,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4420,15 +4412,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7229,7 +7217,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13938,27 +13926,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13976,19 +13982,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14010,7 +14056,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14040,22 +14086,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14071,37 +14138,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+ko.po b/contents+ko.po
index f81b3888c1..ae5cd76046 100644
--- a/contents+ko.po
+++ b/contents+ko.po
@@ -15,7 +15,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Korean (https://www.transifex.com/otf/teams/1519/ko/)\n"
@@ -4061,8 +4061,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4244,8 +4242,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4351,8 +4347,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4414,8 +4408,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4450,15 +4442,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7302,7 +7290,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14049,27 +14037,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14087,21 +14093,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14124,8 +14169,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14154,29 +14199,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14192,42 +14252,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+ku_IQ.po b/contents+ku_IQ.po
index c9631d6812..a67107d7f8 100644
--- a/contents+ku_IQ.po
+++ b/contents+ku_IQ.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Kurdish (Iraq) (https://www.transifex.com/otf/teams/1519/ku_IQ/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+ky.po b/contents+ky.po
index c6075c1824..1518fda854 100644
--- a/contents+ky.po
+++ b/contents+ky.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Kyrgyz (https://www.transifex.com/otf/teams/1519/ky/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+la.po b/contents+la.po
index 7560d05594..0ee17543e7 100644
--- a/contents+la.po
+++ b/contents+la.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Latin (https://www.transifex.com/otf/teams/1519/la/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+lb.po b/contents+lb.po
index 22e69352c5..318d4bbf7a 100644
--- a/contents+lb.po
+++ b/contents+lb.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Luxembourgish (https://www.transifex.com/otf/teams/1519/lb/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+lo.po b/contents+lo.po
index 2d68bd0f33..14bf201445 100644
--- a/contents+lo.po
+++ b/contents+lo.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Lao (https://www.transifex.com/otf/teams/1519/lo/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+lt.po b/contents+lt.po
index df8071a693..b78f65afb0 100644
--- a/contents+lt.po
+++ b/contents+lt.po
@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Moo, 2022\n"
"Language-Team: Lithuanian (https://www.transifex.com/otf/teams/1519/lt/)\n"
@@ -4082,8 +4082,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4271,8 +4269,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4374,8 +4370,6 @@ msgstr "### Parašo patikrinimas"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4433,8 +4427,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4467,15 +4459,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7302,7 +7290,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14013,27 +14001,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14051,19 +14057,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14085,7 +14131,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14115,22 +14161,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14146,37 +14213,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+lv.po b/contents+lv.po
index c100bbfa1e..598b50566e 100644
--- a/contents+lv.po
+++ b/contents+lv.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Latvian (https://www.transifex.com/otf/teams/1519/lv/)\n"
@@ -4059,8 +4059,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4241,8 +4239,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4342,8 +4338,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4399,8 +4393,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4433,15 +4425,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7242,7 +7230,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13951,27 +13939,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13989,19 +13995,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14023,7 +14069,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14053,22 +14099,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14084,37 +14151,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+mk.po b/contents+mk.po
index 0a12476714..771eab626d 100644
--- a/contents+mk.po
+++ b/contents+mk.po
@@ -13,7 +13,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Macedonian (https://www.transifex.com/otf/teams/1519/mk/)\n"
@@ -4070,8 +4070,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4253,8 +4251,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4360,8 +4356,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4419,8 +4413,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4453,15 +4445,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7268,7 +7256,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13991,27 +13979,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14029,19 +14035,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14065,8 +14111,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr ""
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14095,27 +14141,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14131,37 +14194,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+ml.po b/contents+ml.po
index 424cc3a97a..43c48b72ae 100644
--- a/contents+ml.po
+++ b/contents+ml.po
@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: ameer pb <ameerpbekm@xxxxxxxxx>, 2022\n"
"Language-Team: Malayalam (https://www.transifex.com/otf/teams/1519/ml/)\n"
@@ -4507,8 +4507,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4717,8 +4715,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "�ത� �ത�പ�ല�ള�ള �ന�ന� �ാണി�����:"
@@ -4824,8 +4820,6 @@ msgstr "### �പ�പ� പരിശ�ധി����റപ�പി�
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4889,8 +4883,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "�മാൻഡിന�റ� ഫല� �ത�പ�ല�ന�ന� സ�ഷ��ി���ണ�:"
@@ -4925,15 +4917,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### Workaround (�ര� പ�ത� �� �പയ��ി����)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -8317,7 +8305,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -15684,27 +15672,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -15722,19 +15728,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -15756,7 +15802,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -15786,22 +15832,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -15817,37 +15884,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+mn.po b/contents+mn.po
index 37355cd795..f84967d6a4 100644
--- a/contents+mn.po
+++ b/contents+mn.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Mongolian (https://www.transifex.com/otf/teams/1519/mn/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+mr.po b/contents+mr.po
index 763a6f557e..0342d1de39 100644
--- a/contents+mr.po
+++ b/contents+mr.po
@@ -10,7 +10,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Marathi (https://www.transifex.com/otf/teams/1519/mr/)\n"
@@ -4070,8 +4070,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4253,8 +4251,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4356,8 +4352,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4415,8 +4409,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4449,15 +4441,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7262,7 +7250,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13985,27 +13973,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14023,19 +14029,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14059,8 +14105,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr ""
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14089,27 +14135,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14125,37 +14188,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+ms.po b/contents+ms.po
index ef478989b3..fee91fd482 100644
--- a/contents+ms.po
+++ b/contents+ms.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Malay (Malaysia) (https://www.transifex.com/otf/teams/1519/ms_MY/)\n"
@@ -4074,8 +4074,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4257,8 +4255,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4364,8 +4360,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4427,8 +4421,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4463,15 +4455,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7296,7 +7284,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14040,27 +14028,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14078,21 +14084,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14115,8 +14160,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14145,29 +14190,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14183,42 +14243,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+mt.po b/contents+mt.po
index 6e43e3f04f..51b481c485 100644
--- a/contents+mt.po
+++ b/contents+mt.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Maltese (https://www.transifex.com/otf/teams/1519/mt/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+my.po b/contents+my.po
index 14cb224185..5af1bcd3ca 100644
--- a/contents+my.po
+++ b/contents+my.po
@@ -13,7 +13,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Burmese (https://www.transifex.com/otf/teams/1519/my/)\n"
@@ -4083,8 +4083,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4268,8 +4266,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4375,8 +4371,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4438,8 +4432,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4474,15 +4466,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7331,7 +7319,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14068,27 +14056,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14106,21 +14112,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14143,8 +14188,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14173,29 +14218,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14211,42 +14271,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+nb.po b/contents+nb.po
index 67951d7f6a..950fc78db2 100644
--- a/contents+nb.po
+++ b/contents+nb.po
@@ -12,7 +12,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: LarsMagnusHerland <lars.magnus@xxxxxxxxxxxxxxx>, 2022\n"
"Language-Team: Norwegian Bokmål (https://www.transifex.com/otf/teams/1519/nb/)\n"
@@ -4072,8 +4072,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4255,8 +4253,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4360,8 +4356,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4423,8 +4417,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4457,15 +4449,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7341,7 +7329,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14058,27 +14046,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14096,19 +14102,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14130,7 +14176,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14160,22 +14206,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14191,37 +14258,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+nds.po b/contents+nds.po
index 5b487438e2..bf4beeb026 100644
--- a/contents+nds.po
+++ b/contents+nds.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Low German (https://www.transifex.com/otf/teams/1519/nds/)\n"
@@ -4043,8 +4043,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4225,8 +4223,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4326,8 +4322,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4383,8 +4377,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4417,15 +4409,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7226,7 +7214,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13935,27 +13923,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13973,19 +13979,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14007,7 +14053,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14037,22 +14083,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14068,37 +14135,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+ne.po b/contents+ne.po
index b9a75b4f8b..b410522d5f 100644
--- a/contents+ne.po
+++ b/contents+ne.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Nepali (https://www.transifex.com/otf/teams/1519/ne/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+nl.po b/contents+nl.po
index eeed72c6b2..de4267455e 100644
--- a/contents+nl.po
+++ b/contents+nl.po
@@ -18,7 +18,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Dutch (https://www.transifex.com/otf/teams/1519/nl/)\n"
@@ -4243,8 +4243,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4428,8 +4426,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4531,8 +4527,6 @@ msgstr "### De signatuur verifiëren"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4590,8 +4584,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4624,15 +4616,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7494,7 +7482,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14217,27 +14205,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14255,19 +14261,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14289,7 +14335,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14319,22 +14365,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14350,37 +14417,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+nn.po b/contents+nn.po
index 86e8e67501..ef289552e7 100644
--- a/contents+nn.po
+++ b/contents+nn.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Norwegian Nynorsk (https://www.transifex.com/otf/teams/1519/nn/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+or.po b/contents+or.po
index 64ec946b26..fef66741d1 100644
--- a/contents+or.po
+++ b/contents+or.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Odia (https://www.transifex.com/otf/teams/1519/or/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+pa.po b/contents+pa.po
index 666f3c01b6..e96dc77c86 100644
--- a/contents+pa.po
+++ b/contents+pa.po
@@ -10,7 +10,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Panjabi (Punjabi) (https://www.transifex.com/otf/teams/1519/pa/)\n"
@@ -4047,8 +4047,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4230,8 +4228,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4333,8 +4329,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4392,8 +4386,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4426,15 +4418,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7239,7 +7227,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13948,27 +13936,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13986,19 +13992,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14020,7 +14066,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14050,22 +14096,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14081,37 +14148,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+pl.po b/contents+pl.po
index 9fa4723c07..289d2961bb 100644
--- a/contents+pl.po
+++ b/contents+pl.po
@@ -22,7 +22,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Kristian <geezet@xxxxxxxxxx>, 2022\n"
"Language-Team: Polish (https://www.transifex.com/otf/teams/1519/pl/)\n"
@@ -4834,8 +4834,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -5049,8 +5047,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "PowinieneÅ? zobaczyÄ? coÅ? w stylu:"
@@ -5163,8 +5159,6 @@ msgstr "### Weryfikowanie podpisu"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -5234,8 +5228,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "Wynik koÅ?cowy komendy powinien wyglÄ?daÄ? mniej wiÄ?cej tak:"
@@ -5273,15 +5265,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### ObejÅ?cie (używajÄ?c klucza publicznego)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -8774,7 +8762,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -16831,27 +16819,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -16869,19 +16875,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -16903,7 +16949,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -16933,22 +16979,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -16964,37 +17031,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+pms.po b/contents+pms.po
index 80f9f3b7e5..e1b1a38147 100644
--- a/contents+pms.po
+++ b/contents+pms.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Piemontese (https://www.transifex.com/otf/teams/1519/pms/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+ps.po b/contents+ps.po
index 2a246eccb2..6fedb2013a 100644
--- a/contents+ps.po
+++ b/contents+ps.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Pashto (https://www.transifex.com/otf/teams/1519/ps/)\n"
@@ -4046,8 +4046,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4228,8 +4226,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4329,8 +4325,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4386,8 +4380,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4420,15 +4412,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7229,7 +7217,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13938,27 +13926,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13976,19 +13982,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14010,7 +14056,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14040,22 +14086,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14071,37 +14138,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+pt-BR.po b/contents+pt-BR.po
index fb05fd9cfb..b30a6c6b7c 100644
--- a/contents+pt-BR.po
+++ b/contents+pt-BR.po
@@ -23,18 +23,18 @@
# C. E., 2021
# Billy Bill, 2021
# Transifex Bot <>, 2022
-# Emma Peel, 2022
# Eduardo Addad de Oliveira <eduardoaddad@xxxxxxxxxxx>, 2022
# Gus, 2022
# Igor Bk 13, 2022
+# Emma Peel, 2022
#
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
-"Last-Translator: Igor Bk 13, 2022\n"
+"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Portuguese (Brazil) (https://www.transifex.com/otf/teams/1519/pt_BR/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -4772,8 +4772,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4988,8 +4986,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "Isso deverá exibir algo como:"
@@ -5104,8 +5100,6 @@ msgstr "### Verificando a assinatura"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -5178,8 +5172,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "O uso do comando deve resultar em algo deste tipo:"
@@ -5217,15 +5209,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### Alternativa (usando uma chave pública)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -8666,7 +8654,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -16574,27 +16562,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -16612,21 +16618,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16649,8 +16694,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16679,29 +16724,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16717,42 +16777,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+pt-PT.po b/contents+pt-PT.po
index 3691377660..c18965962f 100644
--- a/contents+pt-PT.po
+++ b/contents+pt-PT.po
@@ -17,7 +17,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Manuela Silva <mmsrs@xxxxxxx>, 2022\n"
"Language-Team: Portuguese (Portugal) (https://www.transifex.com/otf/teams/1519/pt_PT/)\n"
@@ -4633,8 +4633,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4843,8 +4841,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "Isto deve mostrar-lhe algo como:"
@@ -4950,8 +4946,6 @@ msgstr "### Verificação da assinatura"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -5015,8 +5009,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "O resultado do comando deverá produzir algo como isto:"
@@ -5051,15 +5043,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### Contornar (utilização de uma chave pública)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -8317,7 +8305,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -15163,27 +15151,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -15201,19 +15207,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -15235,7 +15281,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -15265,22 +15311,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -15296,37 +15363,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+ro.po b/contents+ro.po
index 052a3f924e..7630621aee 100644
--- a/contents+ro.po
+++ b/contents+ro.po
@@ -9,16 +9,16 @@
# erinm, 2021
# titus <titus0818@xxxxxxxxx>, 2021
# Transifex Bot <>, 2022
-# Emma Peel, 2022
# eduard pintilie <eduard.pintilie@xxxxxxxxx>, 2022
+# Emma Peel, 2022
#
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
-"Last-Translator: eduard pintilie <eduard.pintilie@xxxxxxxxx>, 2022\n"
+"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Romanian (https://www.transifex.com/otf/teams/1519/ro/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -4573,8 +4573,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4782,8 +4780,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "Acest lucru ar trebui sÄ? arate ceva de genul:"
@@ -4889,8 +4885,6 @@ msgstr "### Verificarea semnÄ?turii"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4960,8 +4954,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "Rezultatul comenzii ar trebui sÄ? arate cu aproximaÈ?ie aÈ?a:"
@@ -4996,15 +4988,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### Mod de lucru (folosind o cheie publicÄ?)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -8375,7 +8363,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -15699,27 +15687,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -15737,21 +15743,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -15774,8 +15819,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -15804,29 +15849,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -15842,42 +15902,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+ru.po b/contents+ru.po
index 70c450226f..ee506d8937 100644
--- a/contents+ru.po
+++ b/contents+ru.po
@@ -20,18 +20,18 @@
# Valery, 2021
# Olaf Scholz, 2021
# ktchr, 2022
-# Emma Peel, 2022
# Leonid Gluhov, 2022
# Egor Makarenko, 2022
# Sergey Smirnov <cj75300@xxxxxxxxx>, 2022
+# Emma Peel, 2022
#
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
-"Last-Translator: Sergey Smirnov <cj75300@xxxxxxxxx>, 2022\n"
+"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Russian (https://www.transifex.com/otf/teams/1519/ru/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -4892,8 +4892,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -5102,8 +5100,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "Ð?Ñ? Ñ?видиÑ?е Ñ?Ñ?о-Ñ?о в Ñ?Ñ?ом Ñ?оде:"
@@ -5218,8 +5214,6 @@ msgstr "### Ð?Ñ?овеÑ?ка подпиÑ?и"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -5290,8 +5284,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "Ð? Ñ?езÑ?лÑ?Ñ?аÑ?е Ñ?Ñ?ой командÑ? вÑ? Ñ?видиÑ?е неÑ?Ñ?о подобное:"
@@ -5329,15 +5321,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### Ð?лÑ?Ñ?еÑ?наÑ?ивнÑ?й ваÑ?ианÑ? (Ñ? иÑ?полÑ?зованием оÑ?кÑ?Ñ?Ñ?ого клÑ?Ñ?а)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -8706,7 +8694,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -16552,27 +16540,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -16590,21 +16596,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16627,8 +16672,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16659,29 +16704,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -16697,49 +16757,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
-"Ð?лÑ?Ñ? Ð?ика Ð?Ñ?Ñ?Ñ?Ñ?Ñ?она Ñ?акже доÑ?Ñ?Ñ?пен на "
-"[keys.openpgp.org](https://keys.openpgp.org/) и можеÑ? бÑ?Ñ?Ñ? загÑ?Ñ?жен Ñ? "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"Ð?Ñ?ли вÑ? иÑ?полÑ?зÑ?еÑ?е macOS или GNU/Linux, клÑ?Ñ? Ñ?акже можно полÑ?Ñ?иÑ?Ñ?, вÑ?полнив"
-" Ñ?ледÑ?Ñ?Ñ?Ñ?Ñ? командÑ?:"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+sco.po b/contents+sco.po
index e9b2ce1e32..b00a60c28e 100644
--- a/contents+sco.po
+++ b/contents+sco.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Scots (https://www.transifex.com/otf/teams/1519/sco/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+si.po b/contents+si.po
index c545cc3589..5e73c38b89 100644
--- a/contents+si.po
+++ b/contents+si.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Sinhala (https://www.transifex.com/otf/teams/1519/si/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+sk.po b/contents+sk.po
index 0f56f91834..f175f4e19b 100644
--- a/contents+sk.po
+++ b/contents+sk.po
@@ -13,7 +13,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Slovak (https://www.transifex.com/otf/teams/1519/sk/)\n"
@@ -4050,8 +4050,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4232,8 +4230,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4333,8 +4329,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4390,8 +4384,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4424,15 +4416,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7236,7 +7224,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13947,27 +13935,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13985,19 +13991,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14019,7 +14065,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14049,22 +14095,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14080,37 +14147,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+sl.po b/contents+sl.po
index 805492fb85..ea005131ac 100644
--- a/contents+sl.po
+++ b/contents+sl.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Slovenian (https://www.transifex.com/otf/teams/1519/sl/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+sn.po b/contents+sn.po
index c8a6480fb3..e0acdaf214 100644
--- a/contents+sn.po
+++ b/contents+sn.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Shona (https://www.transifex.com/otf/teams/1519/sn/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+so.po b/contents+so.po
index 784e841ecc..d87a95f27e 100644
--- a/contents+so.po
+++ b/contents+so.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Somali (https://www.transifex.com/otf/teams/1519/so/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+sq.po b/contents+sq.po
index 1434ece127..012ad0fa52 100644
--- a/contents+sq.po
+++ b/contents+sq.po
@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Besnik Bleta <besnik@xxxxxxxxxxxxxxxxx>, 2022\n"
"Language-Team: Albanian (https://www.transifex.com/otf/teams/1519/sq/)\n"
@@ -4175,8 +4175,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4359,8 +4357,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "Kjo duhet tâ??ju shfaqë diçka si:"
@@ -4460,8 +4456,6 @@ msgstr "### Verifikim i nënshkrimit"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4517,8 +4511,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4551,15 +4543,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### Rrugëzgjidhje (duke përdorur një kyç publik)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7408,7 +7396,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14139,27 +14127,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14177,19 +14183,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14211,7 +14257,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14241,22 +14287,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14272,37 +14339,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+sr.po b/contents+sr.po
index 4540ca7b7c..98ea4c94ab 100644
--- a/contents+sr.po
+++ b/contents+sr.po
@@ -13,7 +13,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Marko Lazarevic <pilov123456@xxxxxxxxxxxxxx>, 2022\n"
"Language-Team: Serbian (https://www.transifex.com/otf/teams/1519/sr/)\n"
@@ -4052,8 +4052,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4234,8 +4232,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4335,8 +4331,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4392,8 +4386,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4426,15 +4418,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7272,7 +7260,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13981,27 +13969,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14019,19 +14025,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14053,7 +14099,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14083,22 +14129,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14114,37 +14181,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+sv.po b/contents+sv.po
index 2ed40d92ac..aa68151cd5 100644
--- a/contents+sv.po
+++ b/contents+sv.po
@@ -12,7 +12,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Swedish (https://www.transifex.com/otf/teams/1519/sv/)\n"
@@ -4068,8 +4068,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4250,8 +4248,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4357,8 +4353,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4420,8 +4414,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4456,15 +4448,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7339,7 +7327,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14109,27 +14097,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14147,21 +14153,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14184,8 +14229,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14214,29 +14259,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14252,42 +14312,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+sw.po b/contents+sw.po
index 1e19cc5d7f..70b8c26862 100644
--- a/contents+sw.po
+++ b/contents+sw.po
@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Swahili (https://www.transifex.com/otf/teams/1519/sw/)\n"
@@ -4048,8 +4048,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4231,8 +4229,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4338,8 +4334,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4401,8 +4395,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4437,15 +4429,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7268,7 +7256,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14005,27 +13993,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14043,21 +14049,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14080,8 +14125,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14110,29 +14155,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14148,42 +14208,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+szl.po b/contents+szl.po
index 294286d350..6794651494 100644
--- a/contents+szl.po
+++ b/contents+szl.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Silesian (https://www.transifex.com/otf/teams/1519/szl/)\n"
@@ -4043,8 +4043,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4225,8 +4223,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4326,8 +4322,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4383,8 +4377,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4417,15 +4409,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7226,7 +7214,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13935,27 +13923,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13973,19 +13979,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14007,7 +14053,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14037,22 +14083,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14068,37 +14135,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+ta.po b/contents+ta.po
index 428f9d53f5..f4efbc6bde 100644
--- a/contents+ta.po
+++ b/contents+ta.po
@@ -12,7 +12,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Tamil (https://www.transifex.com/otf/teams/1519/ta/)\n"
@@ -4051,8 +4051,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4233,8 +4231,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4334,8 +4330,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4391,8 +4385,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4425,15 +4417,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7236,7 +7224,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13948,27 +13936,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13986,19 +13992,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14020,7 +14066,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14050,22 +14096,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14081,37 +14148,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+te.po b/contents+te.po
index b86c9480b3..f7652e9923 100644
--- a/contents+te.po
+++ b/contents+te.po
@@ -9,7 +9,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Telugu (https://www.transifex.com/otf/teams/1519/te/)\n"
@@ -4046,8 +4046,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4228,8 +4226,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4329,8 +4325,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4386,8 +4380,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4420,15 +4412,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7229,7 +7217,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13938,27 +13926,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13976,19 +13982,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14010,7 +14056,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14040,22 +14086,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14071,37 +14138,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+tg.po b/contents+tg.po
index c810415124..716fd003cb 100644
--- a/contents+tg.po
+++ b/contents+tg.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Tajik (https://www.transifex.com/otf/teams/1519/tg/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+th.po b/contents+th.po
index 0c3aa7d283..e6f81e2ed4 100644
--- a/contents+th.po
+++ b/contents+th.po
@@ -17,7 +17,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Thai (https://www.transifex.com/otf/teams/1519/th/)\n"
@@ -4074,8 +4074,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4256,8 +4254,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4363,8 +4359,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4426,8 +4420,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4462,15 +4454,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7304,7 +7292,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -14044,27 +14032,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14082,21 +14088,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14119,8 +14164,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14149,29 +14194,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14187,42 +14247,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+tk.po b/contents+tk.po
index 33d39c20d5..0dca41bb56 100644
--- a/contents+tk.po
+++ b/contents+tk.po
@@ -8,7 +8,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Turkmen (https://www.transifex.com/otf/teams/1519/tk/)\n"
@@ -4045,8 +4045,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4227,8 +4225,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4328,8 +4324,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4385,8 +4379,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4419,15 +4411,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7228,7 +7216,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13937,27 +13925,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13975,19 +13981,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14009,7 +14055,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14039,22 +14085,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14070,37 +14137,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+tl_PH.po b/contents+tl_PH.po
index d47c170393..e49feb7e26 100644
--- a/contents+tl_PH.po
+++ b/contents+tl_PH.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Tagalog (Philippines) (https://www.transifex.com/otf/teams/1519/tl_PH/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+tr.po b/contents+tr.po
index bb073b8123..bf4d2738da 100644
--- a/contents+tr.po
+++ b/contents+tr.po
@@ -9,9 +9,9 @@
#
msgid ""
msgstr ""
-"Project-Id-Version: Tor Project Support website\n"
-"Report-Msgid-Bugs-To: tor-l10n@xxxxxxxxxxxxxxxxxxxx\n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Kaya Zeren <kayazeren@xxxxxxxxx>, 2022\n"
"Language-Team: Turkish (https://www.transifex.com/otf/teams/1519/tr/)\n"
@@ -5038,8 +5038,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -5253,8 +5251,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "Bunun sonucunda Å?öyle bir Å?ey görmelisiniz:"
@@ -5369,8 +5365,6 @@ msgstr "### Ä°mzayı doÄ?rulamak"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -5442,8 +5436,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "Komutun sonucunda Å?öyle bir Å?ey görmelisiniz:"
@@ -5480,15 +5472,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### �özüm (herkese açık bir anahtar kullanarak)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -9095,12 +9083,9 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
-"AÅ?aÄ?ıdaki seçeneklerden hiçbiri çalıÅ?mıyorsa, [Tor "
-"günlüklerinizi](../../connecting/connecting-2/) denetleyerek baÅ?ka bir "
-"seçenek deneyin."
#: https//support.torproject.org/censorship/gettor-1/
#: (content/censorship/gettor-1/contents+en.lrquestion.title)
@@ -17490,36 +17475,46 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
-"[İndirme sayfamızdaki](https://www.torproject.org/download/tor) her dosyanın"
-" yanında, paketle aynı ada ve \".asc\" uzantısına sahip \"sig\" etiketli bir"
-" dosya bulunur."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
-msgstr "Bu .asc dosyaları OpenPGP imzalarıdır."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
-"Ä°ndirme iÅ?lemi web tarayıcısına göre deÄ?iÅ?ir, ancak genellikle \"sig\" "
-"baÄ?lantısına saÄ? tıklayıp \"dosyayı farklı kaydet\" seçeneÄ?i ile bu dosyayı "
-"indirebilirsiniz."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
-"Ã?rneÄ?in, `tor-0.4.6.7.tar.gz` dosyasının yanında `tor-0.4.6.7.tar.gz.asc` "
-"dosyası bulunur."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17538,23 +17533,60 @@ msgstr "Bunun nasıl yapılacaÄ?ı, daÄ?ıtımınıza göre deÄ?iÅ?ir."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
-"Roger Dingledine (0xEB5A896A28988BF5 ve 0xC218525819F78451), Nick Mathewson "
-"(0xFE43009C4607B1FB) Tor kaynaklı tarball paketlerini imzaladı."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
-msgstr "Güncel Nick Mathewson anahtarını almak için:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17577,8 +17609,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17611,29 +17643,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17649,49 +17696,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
-"Nick Mathewson anahtarı ayrıca [keys.openpgp.org](https://keys.openpgp.org/)"
-" adresinde bulunabilir ve [https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB) adresinden "
-"indirilebilir."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"macOS veya GNU/Linux kullanıyorsanız, aÅ?aÄ?ıdaki komutu yürüterek de anahtarı"
-" alabilirsiniz:"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+ug@xxxxxxx b/contents+ug@xxxxxxx
index 7c0e1c2daf..e04d060d42 100644
--- a/contents+ug@xxxxxxx
+++ b/contents+ug@xxxxxxx
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Uighur (Arabic) (https://www.transifex.com/otf/teams/1519/ug@Arab/)\n"
@@ -4044,8 +4044,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4226,8 +4224,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4327,8 +4323,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4384,8 +4378,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4418,15 +4410,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7227,7 +7215,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13936,27 +13924,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13974,19 +13980,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14008,7 +14054,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14038,22 +14084,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14069,37 +14136,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+uk.po b/contents+uk.po
index 02a8e17cbf..3f52d6fefa 100644
--- a/contents+uk.po
+++ b/contents+uk.po
@@ -18,7 +18,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Ukrainian (https://www.transifex.com/otf/teams/1519/uk/)\n"
@@ -4059,8 +4059,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4241,8 +4239,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4342,8 +4338,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4399,8 +4393,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4433,15 +4425,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7262,7 +7250,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13983,27 +13971,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14021,19 +14027,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14055,7 +14101,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14085,22 +14131,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14116,37 +14183,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+ur.po b/contents+ur.po
index 6104ef34a3..1bd79ef366 100644
--- a/contents+ur.po
+++ b/contents+ur.po
@@ -12,7 +12,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Urdu (https://www.transifex.com/otf/teams/1519/ur/)\n"
@@ -4049,8 +4049,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4231,8 +4229,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4332,8 +4328,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4389,8 +4383,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4423,15 +4415,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7232,7 +7220,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13941,27 +13929,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13979,19 +13985,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14013,7 +14059,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14043,22 +14089,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14074,37 +14141,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+uz.po b/contents+uz.po
index 98819c1ec9..d2d3d69bed 100644
--- a/contents+uz.po
+++ b/contents+uz.po
@@ -11,7 +11,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Uzbek (https://www.transifex.com/otf/teams/1519/uz/)\n"
@@ -4048,8 +4048,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4230,8 +4228,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4331,8 +4327,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4388,8 +4382,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4422,15 +4414,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7231,7 +7219,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13940,27 +13928,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13978,19 +13984,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14012,7 +14058,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14042,22 +14088,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14073,37 +14140,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+vi.po b/contents+vi.po
index dcc5ed3931..77d437d5dd 100644
--- a/contents+vi.po
+++ b/contents+vi.po
@@ -16,7 +16,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Vietnamese (https://www.transifex.com/otf/teams/1519/vi/)\n"
@@ -4069,8 +4069,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4251,8 +4249,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4352,8 +4348,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4409,8 +4403,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4443,15 +4435,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7260,7 +7248,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13969,27 +13957,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14007,19 +14013,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14041,7 +14087,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14071,22 +14117,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14102,37 +14169,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+vls.po b/contents+vls.po
index 9188b218be..62821efe6e 100644
--- a/contents+vls.po
+++ b/contents+vls.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Vlaams (https://www.transifex.com/otf/teams/1519/vls/)\n"
@@ -4043,8 +4043,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4225,8 +4223,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4326,8 +4322,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4383,8 +4377,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4417,15 +4409,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7226,7 +7214,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13935,27 +13923,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13973,19 +13979,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14007,7 +14053,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14037,22 +14083,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14068,37 +14135,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+yo.po b/contents+yo.po
index aabacf82dc..d960c36010 100644
--- a/contents+yo.po
+++ b/contents+yo.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Transifex Bot <>, 2022\n"
"Language-Team: Yoruba (https://www.transifex.com/otf/teams/1519/yo/)\n"
@@ -4043,8 +4043,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4225,8 +4223,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr ""
@@ -4326,8 +4322,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4383,8 +4377,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr ""
@@ -4417,15 +4409,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7226,7 +7214,7 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
@@ -13935,27 +13923,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -13973,19 +13979,59 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14007,7 +14053,7 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14037,22 +14083,43 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14068,37 +14135,34 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/alternate-designs/block-websites/
diff --git a/contents+zh-CN.po b/contents+zh-CN.po
index 95bbbd995c..2d3dd6c684 100644
--- a/contents+zh-CN.po
+++ b/contents+zh-CN.po
@@ -15,18 +15,18 @@
# YFdyh000 <yfdyh000@xxxxxxxxx>, 2021
# ciaran <ciaranchen@xxxxxx>, 2021
# MD Rights <psychi2009@xxxxxxxxx>, 2021
-# Emma Peel, 2022
# Cloud P <heige.pcloud@xxxxxxxxxxx>, 2022
# c0conut, 2022
# ff98sha, 2022
+# Emma Peel, 2022
#
msgid ""
msgstr ""
-"Project-Id-Version: Tor Project Support website\n"
-"Report-Msgid-Bugs-To: tor-l10n@xxxxxxxxxxxxxxxxxxxx\n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"Project-Id-Version: PACKAGE VERSION\n"
+"Report-Msgid-Bugs-To: \n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
-"Last-Translator: ff98sha, 2022\n"
+"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Chinese (China) (https://www.transifex.com/otf/teams/1519/zh_CN/)\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
@@ -4201,8 +4201,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4387,8 +4385,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "è¿?ä¼?å??æ?¨å±?示å??è¿?æ ·ç??å??容ï¼?"
@@ -4494,8 +4490,6 @@ msgstr "### éª?è¯?ç¾å??"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4557,8 +4551,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "å?½ä»¤ç??ç»?æ??åº?该ä¸?以ä¸?è¾?å?ºç?¸ä¼¼ç??å??容ï¼?"
@@ -4593,15 +4585,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### æ?´å¤?æ??ä½?ï¼?使ç?¨å?¬é?¥ï¼?"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7553,9 +7541,9 @@ msgstr "ä½ å?¯ä»¥å?¨ Tor æµ?è§?å?¨ç??å??ç½®ç½?æ¡¥ä¸?æ??å??ä¸é??æ?© meek-azure
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
-msgstr "å¦?æ??æ??个æ?¹æ³?æ? æ³?使ç?¨ï¼?å»ºè®®ä½ æ?¥ç?? [Tor æ?¥å¿?](../../connecting/connecting-2/)æ??å°?è¯?å?¶ä»?æ?¹æ³?ã??"
+msgstr ""
#: https//support.torproject.org/censorship/gettor-1/
#: (content/censorship/gettor-1/contents+en.lrquestion.title)
@@ -14419,27 +14407,45 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
@@ -14457,21 +14463,60 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14494,8 +14539,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14524,29 +14569,44 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14562,42 +14622,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents+zh-TW.po b/contents+zh-TW.po
index 8f75627b17..330c1a6f5e 100644
--- a/contents+zh-TW.po
+++ b/contents+zh-TW.po
@@ -15,7 +15,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: 2018-10-02 22:41+0000\n"
"Last-Translator: Emma Peel, 2022\n"
"Language-Team: Chinese (Taiwan) (https://www.transifex.com/otf/teams/1519/zh_TW/)\n"
@@ -4315,8 +4315,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -4502,8 +4500,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "æ?¨æ??該æ??ç??å?°é¡?ä¼¼ä¸?é?¢é??樣ç??è¨?æ?¯ï¼?"
@@ -4609,8 +4605,6 @@ msgstr "### é©?è?æ?¸ä½?ç°½ç« "
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -4672,8 +4666,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "該æ??令å?·è¡?å¾?æ??該æ??å?ºç?¾é¡?ä¼¼ä¸?é?¢é??樣ç??çµ?æ??ï¼?"
@@ -4710,15 +4702,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### å?¶ä»?æ?¹å¼?(使ç?¨å?¬é??é??é?°)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -7696,9 +7684,9 @@ msgstr "æ?¨å?¯ä»¥å?¨æ´?è?¥è·¯ç?±ç??覽å?¨ç??å?§å»ºæ©?æ?¥ä¸ç¹¼ç«?ä¸?æ??å¼?é?¸å?®
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
-msgstr "å¦?æ??é??äº?æ?¹å¼?è¡?ä¸?é??ç??話ï¼?è«?æ?¥é?±æ?¨ç??[æ´?è?¥è·¯ç?±æ·ç¨?è¨?é??](../../connecting/connecting-2/)並å??試å?¶ä»?æ?¹æ³?ã??"
+msgstr ""
#: https//support.torproject.org/censorship/gettor-1/
#: (content/censorship/gettor-1/contents+en.lrquestion.title)
@@ -14755,29 +14743,46 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
msgstr ""
-"å?¨æ??å??ç??[ä¸?è¼?é ?é?¢](https://www.torproject.org/download/tor)裡ï¼?æ¯?å??æª?æ¡?é?½æ??ä¼´é?¨è??ä¸?å??æ¨?è¨?ç?ºã??sigã??ç??å??å??æª?æ¡?ï¼?ä¸?å?¶å?¯æª?å??é?½æ?¯ã??.ascã??ï¼?"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
-msgstr "é??äº?.ascæª?æ¡?å°±æ?¯OpenPGPæ?¸ä½?ç°½ç« ã??"
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
-msgstr "é?¨è??網é ?ç??覽å?¨ä¸?å??ï¼?æ¤é?¨ä»½å?¯è?½æ??æ??äº?許差ç?°ï¼?ä½?æ?¯é??常æ?¨é?½å?¯ä»¥è??ç?±å?³é?µé»?æ??ã??sigã??é?£çµ?並é?¸æ??ã??å?¦å?æ?°æª?ã??é?¸é ?ä¾?å??å¾?ã??"
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
-msgstr "è??ä¾?ä¾?說ï¼?`tor-0.4.6.7.tar.gz`æª?æ¡?å°±æ??ä¼´é?¨è??`tor-0.4.6.7.tar.gz.asc`æª?ï¼?"
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14794,23 +14799,60 @@ msgstr "é??å??æ?¹å¼?æ??é?¨è??æ?¨æ??使ç?¨ç??系統ç?¼è¡?ç??ä¸?å??è??æ??æ??å·®ç?°
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
msgstr ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451)以å??Nick Mathewson"
-" (0xFE43009C4607B1FB)æ??è² è²¬ç°½ç½²æ´?è?¥è·¯ç?±å??å§?ç¨?å¼?碼ç??tarballå??ï¼?"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
-msgstr "å??å¾?Nick Mathewsonç??æ??æ?°é??é?°æ??令å¦?ä¸?ï¼?"
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14833,8 +14875,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14863,29 +14905,44 @@ msgstr "æ??è??æ?¯ä¹?å?¯ä»¥å?©ç?¨**å?¶ä»?æ?¹å¼?(使ç?¨å?¬é??é??é?°)**ç« ç¯?ä»?ç´¹
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
-"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -14901,46 +14958,35 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
-"Nick "
-"Mathewsonç??é??é?°ä¹?æ??å??æ??å?æ?¾å?¨[keys.openpgp.org](https://keys.openpgp.org/)ä¸?ï¼?æ??以ä¹?å?¯ä»¥å¾?[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)ä¸?è¼?å??å¾?ã??"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
-msgstr "è?¥æ?¨æ?¯MacOSæ??è??GNU/Linuxç??使ç?¨è??ï¼?ä¹?å?¯ä»¥å?©ç?¨ä¸?å??æ??令é??å??å¾?é??é?°ï¼?"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr ""
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
diff --git a/contents.pot b/contents.pot
index 5572352d57..9bb46fe5a3 100644
--- a/contents.pot
+++ b/contents.pot
@@ -3,7 +3,7 @@ msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2022-02-14 13:40+UTC\n"
+"POT-Creation-Date: 2022-02-17 08:03+UTC\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: en <LL@xxxxxx>\n"
@@ -4954,8 +4954,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"They allow you to verify the file you've downloaded is exactly the one that "
"we intended you to get."
@@ -5169,8 +5167,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "This should show you something like:"
msgstr "This should show you something like:"
@@ -5287,8 +5283,6 @@ msgstr "### Verifying the signature"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"To verify the signature of the package you downloaded, you will need to "
"download the corresponding \".asc\" signature file as well as the installer "
@@ -5360,8 +5354,6 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "The result of the command should produce something like this:"
msgstr "The result of the command should produce something like this:"
@@ -5399,15 +5391,11 @@ msgstr ""
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid "#### Workaround (using a public key)"
msgstr "#### Workaround (using a public key)"
#: https//support.torproject.org/tbb/how-to-verify-signature/
#: (content/tbb/how-to-verify-signature/contents+en.lrquestion.description)
-#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
-#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"If you encounter errors you cannot fix, feel free to [download and use this "
"public key](https://openpgpkey.torproject.org/.well-";
@@ -8925,10 +8913,10 @@ msgstr ""
#: https//support.torproject.org/censorship/connecting-from-china/
#: (content/censorship/connecting-from-china/contents+en.lrquestion.description)
msgid ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
msgstr ""
-"If one of these options below is not working, check your [Tor "
+"If one of these options above is not working, check your [Tor "
"logs](../../connecting/connecting-2/) and try another option."
#: https//support.torproject.org/censorship/gettor-1/
@@ -17104,35 +17092,61 @@ msgstr ""
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
msgstr ""
"Each file on our [download page](https://www.torproject.org/download/tor) is"
-" accompanied by a file labelled \"sig\" with the same name as the package "
-"and the extension \".asc\"."
+" accompanied by two files which are labelled \"checksum\" and \"sig\" with "
+"the same name as the package and the extension \".sha256sum\" and "
+"\".sha256sum.asc\" respectively."
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
+msgstr ""
+"The `.asc` file will verify that the `.sha256sum` file (containing the "
+"checksum of the package) has not been tampered with. Once the signature has "
+"been validated (see below on how to do it), the package integrity can be "
+"validated with:"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "These .asc files are OpenPGP signatures."
-msgstr "These .asc files are OpenPGP signatures."
+msgid "`$ sha256sum -c *.sha256sum`"
+msgstr "`$ sha256sum -c *.sha256sum`"
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
+msgstr ""
+"These files allow you to verify the file you've downloaded is exactly the "
+"one that we intended you to get."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
msgstr ""
"This will vary by web browser, but generally you can download this file by "
-"right-clicking the \"sig\" link and selecting the \"save file as\" option."
+"right-clicking the \"sig\" and \"checksum\" link and selecting the \"save "
+"file as\" option."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
msgstr ""
"For example, `tor-0.4.6.7.tar.gz` is accompanied by "
-"`tor-0.4.6.7.tar.gz.asc`."
+"`tor-0.4.6.7.tar.gz.sha256sum.asc`."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17151,23 +17165,74 @@ msgstr "How to do this will vary depending on your distribution."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+msgstr ""
+"The following keys can sign the tarball. Don't expect them all, it can vary "
+"depending on who is available to make the release."
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+msgstr ""
+"- Alexander Færøy: "
+"[514102454D0A87DB0767A1EBBE6A0531C18A9179](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/1C1BC007A9F607AA8152C040BEA7B180B1491921)"
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+msgstr ""
+"- David Goulet: "
+"[B74417EDDF22AC9F9E90F49142E86A2A11F48D36](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/B74417EDDF22AC9F9E90F49142E86A2A11F48D36)"
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+msgstr ""
+"- Nick Mathewson: "
+"[2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
+"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)"
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "You can fetch the key with the links provided above or with:"
+msgstr "You can fetch the key with the links provided above or with:"
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
msgstr ""
-"Roger Dingledine (0xEB5A896A28988BF5 and 0xC218525819F78451), Nick Mathewson"
-" (0xFE43009C4607B1FB) sign Tor source tarballs."
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys ahf@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "Fetching Nick Mathewson most recent key:"
-msgstr "Fetching Nick Mathewson most recent key:"
+msgid ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
+msgstr ""
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys dgoulet@xxxxxxxxxxxxxx"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
msgstr ""
-"â?ª$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+"$ gpg --auto-key-locate nodefault,wkd --locate-keys nickm@xxxxxxxxxxxxxx"
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "This should show you something like (for nickm):"
+msgstr "This should show you something like (for nickm):"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17190,8 +17255,8 @@ msgstr "2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
-msgstr "â?ªuid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgid "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
+msgstr "uid [ unknown] Nick Mathewson <nickm@xxxxxxxxxxxxxx>"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17224,29 +17289,56 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
msgstr ""
-"â?ª$ gpg --output ./tor.keyring --export "
+"$ gpg --output ./tor.keyring --export "
"0x2133BC600AB133E1D826D173FE43009C4607B1FB"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
msgstr ""
-"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.7.tar.gz.asc "
-"Downloads\\tor-0.4.6.7.tar.gz"
+"To verify the signature of the package you downloaded, you will need to "
+"download the corresponding `.sha256sum.asc` signature file and the "
+"`.sha256sum` file itself, and verify it with a command that asks GnuPG to "
+"verify the file that you downloaded."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
msgstr ""
-"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.7.tar.gz.asc "
-"~/Downloads/tor-0.4.6.7.tar.gz"
+"gpgv --keyring .\\tor.keyring Downloads\\tor-0.4.6.10.tar.gz.sha256sum.asc "
+"Downloads\\tor-0.4.6.10.tar.gz.sha256sum"
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+msgstr ""
+"gpgv --keyring ./tor.keyring ~/Downloads/tor-0.4.6.10.tar.gz.sha256sum.asc "
+"~/Downloads/tor-0.4.6.10.tar.gz.sha256sum"
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "#### For BSD/Linux users:"
+msgstr "#### For BSD/Linux users:"
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
+msgstr ""
+"The result of the command should produce something like this (depending on "
+"which key signed it):"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
@@ -17262,49 +17354,37 @@ msgstr ""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
-msgstr "â?ªgpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgid "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
+msgstr "gpgv: Good signature from \"Nick Mathewson <nickm@xxxxxxxxxxxxxx>\""
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
-msgstr ""
-"â?ª$ curl -s https://openpgpkey.torproject.org/.well-";
-"known/openpgpkey/torproject.org/hu/kounek7zrdx745qydx6p59t9mqjpuhdf |gpg "
-"--import -"
+msgid "### Verifying checksum"
+msgstr "### Verifying checksum"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
msgid ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
msgstr ""
-"Nick Mathewson key is also available on "
-"[keys.openpgp.org](https://keys.openpgp.org/) and can be downloaded from "
-"[https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB](https://keys.openpgp.org/vks/v1/by-";
-"fingerprint/2133BC600AB133E1D826D173FE43009C4607B1FB)."
+"Now that we validated the signatures of the checksum, we need to verify the "
+"integrity of the package."
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
-msgstr ""
-"If you're using macOS or GNU/Linux, the key can also be fetched by running "
-"the following command:"
+msgid "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
+msgstr "certUtil -hashfile tor-0.4.6.10.tar.gz.sha256sum SHA256"
#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
-msgid "â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
-msgstr ""
-"â?ª$ gpg --keyserver keys.openpgp.org --search-keys nickm@xxxxxxxxxxxxxx"
+msgid "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
+msgstr "shasum -a 256 tor-0.4.6.10.tar.gz.sha256sum"
+
+#: https//support.torproject.org/little-t-tor/verify-little-t-tor/
+#: (content/little-t-tor/verify-little-t-tor/contents+en.lrquestion.description)
+msgid "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
+msgstr "sha256sum -c tor-0.4.6.10.tar.gz.sha256sum"
#: https//support.torproject.org/alternate-designs/block-websites/
#: (content/alternate-designs/block-websites/contents+en.lrquestion.title)
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits