[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Absence of digital signature of TBB sources
On 04.04.2012 19:15, Erinn Clark wrote:
> * Robert Ransom <rransom.8774@xxxxxxxxx> [2012:04:04 10:44 +0000]:
>> On 2012-04-04, James Brown <jbrownfirst@xxxxxxxxx> wrote:
>>> Very sorry for creating a new topic, but that issue still don't resolve.
>>> As I wrote earlier (
>>> https://lists.torproject.org/pipermail/tor-talk/2012-March/023755.html )
>>> there is no digital signature of the latest sources code of the TBB.
>> The Git tag is signed.
>> The official TBBs are built from the sources in Git, not from the
>> tarballs. There probably shouldn't be any release tarballs for TBB
>> source code.
> Agreed. As for now, I've re-signed the current tarball, but for the next
> release the website will be updated to only refer to the git tag and tarballs
> will be discontinued.
Are the "snapshot"
not the same that the "tarball"?
And how can I check signatures of the git tags?
tor-talk mailing list